
Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software


Cisco has released patches to contain a critical security
vulnerability affecting the Wireless LAN Controller (WLC) that
could be abused by an unauthenticated, remote attacker to take
control of an affected system.

Tracked as CVE-2022-20695[1], the issue has been
rated 10 out of 10 for severity and enables an adversary to bypass
authentication controls and log in to the device through the
management interface of WLC.

“This vulnerability is due to the improper implementation of the
password validation algorithm,” the company said in an advisory.
“An attacker could exploit this vulnerability by logging in to an
affected device with crafted credentials.”


Successful exploitation of the flaw could permit an attacker to
gain administrator privileges and carry out malicious actions in a
manner that allows a complete takeover of the vulnerable
system.

The company stressed that the issue only affects the following
products if they are running Cisco WLC Software Release 8.10.151.0
or Release 8.10.162.0 and have macfilter radius compatibility
configured as Other:

  • 3504 Wireless Controller
  • 5520 Wireless Controller
  • 8540 Wireless Controller
  • Mobility Express, and
  • Virtual Wireless Controller (vWLC)


Users are advised to update to version 8.10.171.0 to address
the flaw. Cisco Wireless LAN Controller versions 8.9 and earlier, as
well as 8.10.142.0 and earlier, are not vulnerable.
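The exposure conditions above can be turned into an inventory triage. The following is an added example, not code from Cisco or from the original article: the CSV layout, host names and status labels are constructed, and treating releases later than 8.10.171.0 as fixed is an assumption.

```python
import csv
import io

AFFECTED_RELEASES = {(8, 10, 151, 0), (8, 10, 162, 0)}   # named in the article
FIXED_RELEASE = (8, 10, 171, 0)      # assumption: later releases keep the fix
LAST_SAFE_OLD = (8, 10, 142, 0)      # "8.10.142.0 and earlier"; also covers 8.9 and below
AFFECTED_MODELS = {"3504", "5520", "8540", "mobility express", "vwlc"}

def parse_release(text):
    """Turn '8.10.151.0' into (8, 10, 151, 0); ValueError on any other shape."""
    parts = tuple(int(p) for p in text.strip().split("."))
    if len(parts) != 4:
        raise ValueError(f"unexpected release format: {text!r}")
    return parts

def triage(model, release, macfilter_compat):
    """Classify one controller against the conditions stated in the article."""
    if model.strip().lower() not in AFFECTED_MODELS:
        return "not-listed-model"
    try:
        rel = parse_release(release)
    except ValueError:
        return "review"              # unparseable release string
    if rel in AFFECTED_RELEASES:
        # An affected release without "Other" is one config change from exposure.
        return "vulnerable" if macfilter_compat.strip().lower() == "other" else "affected-release"
    if rel >= FIXED_RELEASE:
        return "fixed"
    if rel <= LAST_SAFE_OLD:
        return "not-vulnerable"
    return "review"                  # release the article does not classify

# Constructed sample inventory (hypothetical hosts and column names).
SAMPLE_INVENTORY = """host,model,release,macfilter_compat
wlc-hq-01,5520,8.10.151.0,Other
wlc-hq-02,3504,8.10.162.0,Cisco
wlc-br-01,vWLC,8.10.171.0,Other
wlc-br-02,8540,8.5.140.0,Other
wlc-lab-01,5520,8.10.150.0,Other
wlc-dc-01,9800,17.3.4,Other
"""

def triage_inventory(csv_text):
    rows = csv.DictReader(io.StringIO(csv_text))
    return {r["host"]: triage(r["model"], r["release"], r["macfilter_compat"]) for r in rows}

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{host:12} {status}")
```

Controllers reported as `affected-release` or `review` still belong in the upgrade queue; only `vulnerable` matches both conditions the advisory names.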

Cisco, crediting an unnamed researcher at Bispok with reporting
the weakness, said there is no evidence that CVE-2022-20695 is
being actively exploited in the wild.

Also patched[2] by the networking equipment major this week are 14
high severity flaws and nine medium severity issues impacting Cisco
IOS XE/XR and SD-WAN vManage software, and Catalyst Digital Building
Series Switches and Catalyst Micro Switches.

References

  1. CVE-2022-20695 (tools.cisco.com)
  2. patched (tools.cisco.com)
