November 11, 2024

Cisco Patches Critical Vulnerability in Industrial Wireless Access Points

BleepingComputer

Contributed by: Reid Stephan

Summary

Cisco has released a security update to address a serious vulnerability, CVE-2024-20418, affecting its Ultra-Reliable Wireless Backhaul (URWB) access points, which are critical for industrial wireless automation. The flaw, located in the web-based management interface of Cisco's Unified Industrial Wireless Software, allows unauthenticated attackers to execute commands with root privileges through command injection attacks without user interaction. This vulnerability affects specific models, including the Catalyst IW9165D, IW9165E, and IW9167E access points, only when running vulnerable software in URWB mode. While there is no evidence of active exploitation or publicly available exploit code, administrators are advised to check their devices for risk using the "show mpls-config" command.

Read Full Story

Explore Related Topics

Cybersecurity & Privacy

Subscribe Now to Receive Seven Top Stories Daily to Your Inbox

Cisco Patches Critical Vulnerability in Industrial Wireless Access Points

Share this story:

Explore Related Topics

Subscribe Now to Receive Seven Top Stories Daily to Your Inbox

Peer Curated News

Direct to your Inbox

Your career accelerator!

Search

Healthcare Transformation Powered by Community