Cisco Patches Critical Vulnerability in Industrial Networking Solution

Cisco on Wednesday announced patches for dozens of vulnerabilities in its enterprise products, including a critical-severity flaw in Unified Industrial Wireless software.

The critical bug, tracked as CVE-2024-20418 (CVSS score of 10/10), allows a remote, unauthenticated attacker to inject commands on the underlying operating system, with root privileges.

The issue exists because the web-based management interface of the industrial networking solution does not properly validate input, allowing an attacker to send crafted HTTP requests.

Furthermore other high-severity and mid-severity bugs patched, too.

See more: https://www.securityweek.com/cisco-patches-critical-vulnerability-in-industrial-networking-solution/

#cybersecurity #cisco