Cybersecurity specialists reported finding at least 12 security vulnerabilities in Cisco solutions running Cisco IOS XE Wireless Controller Software. According to the report, exploiting these flaws would allow a wide range of malicious activity.
Below is a brief description of each reported flaw, along with its identifier and its score under the Common Vulnerability Scoring System (CVSS).
CVE-2020-3418: An incomplete access control list (ACL) is applied before the RUN state, which would allow remote attackers to send ICMPv6 traffic before the RUN state, gaining access to restricted functions. The flaw received a score of 4.1/10.
CVE-2020-3390: Insufficient validation of user-provided input in SNMP trap generation for wireless clients would allow threat actors to send specially crafted packets to cause a denial-of-service (DoS) condition.
According to cybersecurity experts, this vulnerability received a score of 6.4/10.
CVE-2020-3429: Insufficient validation of user-supplied input in the WPA2 and WPA3 security implementation allows malicious hackers to perform a denial-of-service (DoS) attack. The flaw received a score of 6.4/10.
CVE-2020-3399: A boundary condition in the CAPWAP protocol could allow threat actors to send a specially crafted packet and trigger an out-of-bounds read error. The flaw received a score of 7.5/10.
CVE-2020-3497: This flaw exists due to insufficient validation of user input in the CAPWAP protocol, allowing malicious hackers to perform DoS attacks against the target system.
This vulnerability received a score of 6.4/10.
CVE-2020-3494: Insufficient validation of user-provided input in the CAPWAP protocol allows attackers on the local network to send specially crafted CAPWAP packets to launch DoS attacks.
CVE-2020-3493: Insufficient validation of user-provided input in the CAPWAP protocol would allow threat actors to launch denial-of-service attacks using specially crafted packets.
This flaw received a score of 6.4/10.
CVE-2020-3489: This flaw exists due to insufficient validation of user input in the CAPWAP protocol, allowing threat actors to launch denial-of-service attacks. The flaw received a score of 6.4/10.
CVE-2020-3488: Insufficient validation of user input in the CAPWAP protocol would allow threat actors to launch denial-of-service attacks against the target system. According to cybersecurity experts, the flaw received a score of 6.4/10.
CVE-2020-3487: Insufficient validation of user-provided input in the CAPWAP protocol would allow threat actors to send specially crafted packets to launch denial-of-service (DoS) attacks. This vulnerability received a CVSS score of 6.4/10.
CVE-2020-3486: Poor validation of user input in the CAPWAP protocol would allow malicious hackers to launch DoS attacks by sending specially crafted packets. This flaw received a score of 6.4/10.
CVE-2020-3428: Inadequate HTTP packet analysis would allow remote threat actors to send specially crafted HTTP packets to cause a DoS condition. This flaw received a score of 6.4/10.
The vulnerabilities affect the following Cisco products:
- Catalyst 9800 integrated wireless controller for Catalyst 9300, 9400 and 9500 series switches
- Catalyst 9800 Series Wireless Controllers
- Wireless controller integrated into Catalyst 9100 access points
The flaws have already been fixed, so Cisco recommends users upgrade to the latest versions available on their official platforms.