Cisco on Wednesday informed customers that several vulnerabilities, including a code execution flaw classified as “high severity,” have been found in the company’s Industrial Network Director product.
Cisco Industrial Network Director is specifically designed for managing industrial networks and it allows operations teams to gain full visibility into their automation network.
While conducting internal security testing, Cisco employees identified three types of vulnerabilities in Industrial Network Director. The most serious of them, tracked as CVE-2019-1861 with a CVSS score of 7.2, is a remote code execution flaw.
While these types of vulnerabilities can be dangerous, Cisco’s advisory reveals that exploitation of CVE-2019-1861 requires the attacker to authenticate on the targeted system with admin privileges and upload a malicious file. This would allow them to execute arbitrary code with elevated privileges.
The security hole has been patched with the release of version 1.6.0. Prior versions are impacted.
Cisco also discovered that Industrial Network Director is affected by a stored cross-site scripting (XSS) vulnerability that can be exploited remotely by an authenticated attacker for XSS attacks, and a cross-site request forgery (CSRF) flaw that allows an unauthenticated attacker to perform arbitrary actions on the targeted device by getting a legitimate user to click on a malicious link.
The XSS and CSRF vulnerabilities have been classified as “medium severity” and they have not been patched.
Cisco also informed customers on Wednesday that the authentication system used by Cisco Unified Communications Manager IM and Presence (Unified CM IM&P), TelePresence Video Communication Server (VCS), and Expressway Series is affected by a security hole that can be exploited remotely without authentication for denial-of-service (DoS) attacks. Patches have been released for this vulnerability.
Another interesting vulnerability disclosed by Cisco this week affects the BIOS upgrade utility for Unified Computing System (UCS) C-Series Rack Servers. A local, authenticated attacker can install a malicious BIOS on affected devices due to insufficient validation of firmware images. A patch has not been released.
Related: Rockwell Patches Stratix Switch Flaws Introduced by Cisco Software
Related: Default Account in Cisco CSPC Allows Unauthorized Access
Related: Cisco Patches Critical Vulnerability in Data Center Switches