Cybersecurity roundup: Cisco, Rapid7 discover vulnerabilities

CISA advises on two high-level cybersecurity vulnerabilities in Cisco products while fixes for infusion pumps made by Baxter Healthcare have been released.
By Andrea Fox
09:54 AM

No fix for password validation vulnerability in Cisco routers at end-of-life 

Cisco will not release a software update to address a security vulnerability in the web-based management interface of its still-available small-business routers – the models RV110W, RV130, RV130W and RV215W. 

The vulnerability is due to insufficient user input validation of incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. 

The routers could result in a denial-of-service condition. According to the advisory, an attacker could send a crafted request to the web-based management interface and execute arbitrary commands on an affected device using root-level privileges.

Cisco has not, and does not, intend to release software updates, according to the announcement, and there are no workarounds.

"The Cisco Small Business RV110W, RV130, RV130W and RV215W Routers have entered the end-of-life process," said Cisco officials in the announcement. The company advises customers to migrate to the Cisco Small Business RV132W, RV160 or RV160W routers.

Multiple patches for multiple Cisco products are available

Cisco has also released updates to address cybersecurity vulnerabilities in multiple products. 

According to its advisory, the Cybersecurity and Infrastructure Security Agency (CISA) encourages administrators to apply the necessary updates for two of the higher-severity vulnerabilities.

The Cisco SD-WAN vManage software unauthenticated access to messaging services vulnerability exists because the messaging server container ports on an affected system lack sufficient protection mechanisms, says Cisco.

The vulnerability in an Nvidia data plane development kit affects Cisco products because the messaging server container ports on an affected system lack sufficient protection mechanisms.

Additional updates for lower-severity vulnerabilities are also available. 

Software updates for infusion pumps and batteries are forthcoming

In April, Rapid7 discovered multiple vulnerabilities in two TCP/IP-enabled medical devices produced by Baxter Healthcare – the SIGMA Spectrum Infusion Pump (Firmware Version 8.00.01) and SIGMA Wi-Fi Battery (Firmware Versions 16, 17, 20 D29)

Software updates to disable Telnet and FTP (CVE-2022-26392) are in process while others are now available, according to Baxter.

Updates to address the format string attack (CVE-2022-26393) are addressed in WBM version 20D30 and all other WBM versions, and authentication is already available in Spectrum IQ (CVE-2022-26394). 

Instructions to erase all data and settings from WBMs and pumps before decommissioning and transferring to other facilities (CVE-2022-26390) are available on Baxter's website

Andrea Fox is senior editor of Healthcare IT News.
Email: afox@himss.org

Healthcare IT News is a HIMSS publication.
Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.