November 7, 2024 at 04:47PM
Cisco has identified a vulnerability in its Unified Industrial Wireless Software for URWB access points, potentially allowing remote attackers to execute command injection attacks. Affected models include Catalyst IW9165D, IW9165E, and IW9167E with URWB mode enabled. Cisco has released a fix, though there’s no known public exploitation of the issue.
### Meeting Takeaways on Cisco Bug Vulnerability
1. **Vulnerability Identification**:
– Cisco has identified a bug in the **Unified Industrial Wireless Software** for **Cisco Ultra-Reliable Wireless Backhaul (URWB)** access points.
– This vulnerability allows unauthenticated remote attackers to carry out **command injection attacks**.
2. **Impact of the Vulnerability**:
– Attackers can exploit the bug via **HTTP requests** sent to the Web-based management interface.
– Successful exploitation could allow execution of **arbitrary commands with root privileges** on the device’s operating system.
3. **Affected Devices**:
– The vulnerability affects the following Cisco wireless access points if running the URWB operating mode:
– **Catalyst IW9165D**
– **Catalyst IW9165E** (both access points and clients)
– **Catalyst IW9167E**
– Devices not running URWB are **not affected**.
4. **Verification Method**:
– Users can check if URWB is enabled by using the CLI command: **”show mpls-config”**.
– If the command is available, URWB is **enabled** and the device is affected.
– If the command is **not available**, URWB is **disabled** and the device is **not affected**.
5. **Current Status**:
– Cisco has released a **fix** for the vulnerability.
– No other workarounds are available at this time.
– Cisco is currently **unaware of any public exploitation** of this vulnerability.
### Action Items:
– Review device configurations to check for URWB operating mode.
– Apply the fix provided by Cisco to affected devices.