1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Cisco has patched a worrying flaw which could have let attackers

    From TechnologyDaily@1337:1/100 to All on Friday, May 09, 2025 16:00:09
    Cisco has patched a worrying flaw which could have let attackers hijack devices

    Date:
    Fri, 09 May 2025 14:44:00 +0000

    Description:
    Another day, another hardcoded token, as Cisco moves to defend against threats.

    FULL STORY ======================================================================Cisco has patched a 10/10 flaw in IOS XE Software for Wireless LAN Controllers The flaw was due to hardcoded tokens There is no evidence of abuse in the wild (yet)

    Cisco has released a patch for a maximum-severity flaw found in its IOS XE Software for Wireless LAN Controllers which could have allowed threat actors to take over vulnerable endpoints.

    The flaw is yet another case of hardcoded credentials, this time in the form of a JSON Web Token (JWT). An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP image download interface, it is explained in the NVD website. A successful exploit could allow the attacker
    to upload files, perform path traversal, and execute arbitrary commands with root privileges.

    The vulnerability is now tracked as CVE-2025-20188, and has the maximum security score - 10/10 (critical). No mitigations

    It was also noted that the vulnerability can only be exploited on devices
    that have the Out-of-Band Image Download feature enabled which, on default settings, is not the case.

    According to BleepingComputer , this is a feature that allows access points
    to download OS images via HTTPS instead of CAPWAP, which is a somewhat more flexible and direct way of getting firmware onto access points.

    The publication says that while its off by default, some large-scale or automated enterprise deployments have turned it on.

    Unfortunately, there are no mitigations for the flaw. The best way to
    minimize the risk of exposure is to deploy the patch. A possible workaround
    is to disable the Out-of-Band Image Download feature, which could work well
    if the enterprise isnt actually using it.

    Cisco said it hasnt seen evidence of in-the-wild abuse just yet, but users should still be on their guard.

    Here is a list of vulnerable devices:

    Catalyst 9800-CL Wireless Controllers for Cloud
    Catalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400, and 9500 Series Switches
    Catalyst 9800 Series Wireless Controllers
    Embedded Wireless Controller on Catalyst APs

    And here is a list of devices that are safe to use:

    Cisco IOS (non-XE)
    Cisco IOS XR
    Cisco Meraki products
    Cisco NX-OS
    Cisco AireOS-based WLCs You might also like Millions of online shoppers could be at risk from hardcoded Shopify tokens Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/cisco-has-patched-a-worrying-flaw-which -could-have-let-attackers-hijack-devices


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)