Indian cyber agency has detected several flaws in Cisco products that may compromise the security of these devices.

India's CERT-In issued an advisory about serious vulnerabilities in Cisco products that could allow hackers to access and steal data.

April 27th 2024.

Indian cyber agency has detected several flaws in Cisco products that may compromise the security of these devices.
The Indian Computer Emergency Response Team recently released an advisory regarding three serious vulnerabilities found in Cisco products. These products, which fall under the Ministry of Electronics & Information Technology, are used in networking and could potentially allow hackers to gain access to computer systems and steal sensitive data.

As per the advisory, the vulnerabilities were discovered in Cisco Adaptive Security Appliance software and Cisco Firepower Threat Defense software. If exploited, these vulnerabilities could let attackers execute arbitrary commands and code with root-level privileges. This could also lead to the device reloading unexpectedly, causing a denial of service.

The first vulnerability, known as the 'Command Injection Vulnerability', was found due to an issue with the sanitization of a backup file during restoration. This allows attackers to craft a malicious backup file to gain access to the device. The second vulnerability, called the 'Denial of Service Vulnerability', occurs due to incomplete error checking when parsing an HTTP header. This could be exploited by sending a customized HTTP request to a targeted web server on the device, causing it to reload and creating a DoS condition.

The third vulnerability, known as the 'Code Execution Vulnerability', is caused by improper validation of a file when it is read from system flash memory. An attacker could exploit this by copying a crafted file to the disk0: file system of the affected device. To mitigate these risks, CERT-In advises users to apply the appropriate updates released by Cisco.

In conclusion, it is important to stay vigilant and keep our systems up-to-date to protect ourselves from cyber attacks. The Indian Computer Emergency Response Team is constantly monitoring for potential vulnerabilities and issuing advisories to keep our systems safe. Let us all do our part in maintaining the security of our networks.

[This article has been trending online recently and has been generated with AI. Your feed is customized.]
[Generative AI is experimental.]

 0
 0