CyberNews Briefs

Critical Cisco VM Bug Allows Remote Takeover of Routers

Various Cisco routers are vulnerable to remote takeover by hackers due to a security flaw that has been given the maximum severity score on the CvSS scale (10 out of 10). Cisco has released a patch for the bug and warns that it could be exploited by sending a simple HTTP request to a vulnerable router.

The critical vulnerability, tracked as (CVE-2019-12643), impacts Cisco 4000 Series Integrated Services Routers; Cisco ASR 1000 Series Aggregation Services Routers; Cisco Cloud Services Router 1000V Series; and Cisco Integrated Services Virtual Routers. However, only devices for which REST API has been enabled are affected. REST API is basically a virtual machine (VM) running on certain devices. The flaw is part of the REST API code, which is not native to the aforementioned routers.

Read more: Critical Cisco VM Bug Allows Remote Takeover of Routers

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.