Rewterz

Rewterz Threat Alert – Blackremote: An undocumented RAT

October 16, 2019
Rewterz

Rewterz Threat Alert – Malicious Payloads – Hiding Beneath the WAV

October 17, 2019

Rewterz Threat Advisory – CVE-2019-15260 – Cisco Aironet Access Points Unauthorized Access Vulnerability

Severity

High

Analysis Summary

The vulnerability is due to insufficient access control for certain URLs on an affected device. An attacker could exploit this vulnerability by requesting specific URLs from an affected AP. An exploit could allow the attacker to gain access to the device with elevated privileges. While the attacker would not be granted access to all possible configuration options, it could allow the attacker to view sensitive information and replace some options with values of their choosing, including wireless network configuration. It would also allow the attacker to disable the AP, creating a denial of service (DoS) condition for clients associated with the AP.

Impact

Denial of service

Affected Vendors

Cisco

Affected Products

  • Aironet 1540 Series APs
  • Aironet 1560 Series APs
  • Aironet 1800 Series APs
  • Aironet 2800 Series APs
  • Aironet 3800 Series APs
  • Aironet 4800 APs

Remediation

Please see vendor’s advisory for more details

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-unauth-access

Reading this advisory was a good start.

Make it a habit.

Rewterz publishes threat advisories ahead of mainstream cybersecurity media, informed by an AI-Native Autonomous SOC that sees regional threat actor activity in real time. Subscribe to receive each new advisory as it publishes, plus a monthly Middle East threat landscape brief drawn from our own SOC telemetry. For teams evaluating their detection coverage, a 30-minute consultation with a senior analyst is also available, at your pace, when you're ready.