Cybersecurity roundup: Cisco, Rapid7 discover vulnerabilities
Credit: Stefan Schweihofer from Pixabay
No fix for password validation vulnerability in Cisco routers at end-of-life
Cisco will not release a software update to address a security vulnerability in the web-based management interface of its still-available small-business routers – the models RV110W, RV130, RV130W and RV215W.
The vulnerability is due to insufficient user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface.
Exploitation could result in a denial-of-service condition on the routers. According to the advisory, an attacker could send a crafted request to the web-based management interface and execute arbitrary commands on an affected device with root-level privileges.
Cisco has not released, and does not intend to release, software updates, according to the announcement, and there are no workarounds.
"The Cisco Small Business RV110W, RV130, RV130W and RV215W Routers have entered the end-of-life process," said Cisco officials in the announcement. The company advises customers to migrate to the Cisco Small Business RV132W, RV160 or RV160W routers.
Multiple patches for multiple Cisco products are available
Cisco has also released updates to address cybersecurity vulnerabilities in multiple products.
According to its advisory, the Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to apply the necessary updates for two of the higher-severity vulnerabilities.
The unauthenticated access to messaging services vulnerability in Cisco SD-WAN vManage software exists because the messaging server container ports on an affected system lack sufficient protection mechanisms, says Cisco.
The vulnerability in an Nvidia data plane development kit affects Cisco products because the messaging server container ports on an affected system lack sufficient protection mechanisms.
Additional updates for lower-severity vulnerabilities are also available.
Software updates for infusion pumps and batteries are forthcoming
In April, Rapid7 discovered multiple vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare – the SIGMA Spectrum Infusion Pump (Firmware Version 8.00.01) and SIGMA Wi-Fi Battery (Firmware Versions 16, 17, 20 D29).
Software updates to disable Telnet and FTP (CVE-2022-26392) are in process while others are now available, according to Baxter.
The format string attack (CVE-2022-26393) is addressed in WBM version 20D30 and all other WBM versions, and authentication is already available in Spectrum IQ (CVE-2022-26394).
Instructions to erase all data and settings from WBMs and pumps before decommissioning and transferring to other facilities (CVE-2022-26390) are available on Baxter's website.
Email: afox@himss.org
Healthcare IT News is a HIMSS publication.