01 October 2019

Vulnerability in Cisco IOS and IOS XE affecting industrial routers

Cisco has identified more than ten dangerous vulnerabilities in its Cisco IOS and IOS XE software. One of them affects Cisco’s Series 800 and Series 1000 industrial routers.

The vulnerability in question is CVE-2019-12648, which has been assigned a CVSS v3.0 base score of 9.9. It could allow a remote attacker to gain unauthorized root-level access to the guest OS. However, it only affects the guest OS on a virtual machine running on an IOS device and under no circumstances provides an attacker with administrative access to the IOS software running on the device itself. An attacker could exploit the vulnerability by authenticating to the guest OS with low-privileged user credentials.

To quickly determine if a specific Cisco IOS or IOS XE software release is affected by the vulnerability, the Cisco IOS Software Checker provided by the vendor can be used.

It is recommended that customers install free software updates provided by Cisco for affected products to address the vulnerability. In the event that this is not possible, the guest OS should be disabled to reduce the risk of the vulnerability being exploited.

Source: Cisco