Cisco has resolvedVulnerability-related.PatchVulnerabilitya set of critical vulnerabilities in Policy Suite which permit attackers to cause havoc in the software 's databases . This week , the tech giant releasedVulnerability-related.PatchVulnerabilitya security advisory detailing four vulnerabilities which could place enterprise users at risk of information leaks , account compromise , database tampering , and more . The first vulnerability , CVE-2018-0374 , has earned a CVSS base score of 9.8 . Described asVulnerability-related.DiscoverVulnerabilityan unauthenticated bypass bug , the security flaw `` could allow an unauthenticated , remote attacker to connect directly to the Policy Builder database , '' according to Cisco . The bug has been caused by a simple lack of authentication and as there is no requirement for identity verification , Policy Builder databases can be accessed and tampering with without limitation . Cisco Policy Suite releases prior to 18.2.0 are affectedVulnerability-related.DiscoverVulnerability. The second vulnerability , CVE-2018-0375 , is a default password error . The CVSS 9.8 bug is present inVulnerability-related.DiscoverVulnerabilitythe Cluster Manager of Cisco Policy Suite and could allow an unauthenticated , remote attacker to log in to a vulnerable system using a root account . The serious security problem has emergedVulnerability-related.DiscoverVulnerabilitydue to the use of undocumented , static user credentials for root accounts . If a hacker has knowledge of these credentials , they can become a root user and are able to execute arbitrary commands . Versions of the software prior to 18.2.0 are vulnerableVulnerability-related.DiscoverVulnerabilityto exploit . The third bug , CVE-2018-0376 , is another unauthenticated access problem and is also caused by a lack of authentication measures . `` A successful exploit could allow the attacker to make changes to existing repositories and create new repositories , '' Cisco saysVulnerability-related.DiscoverVulnerability. Cisco Policy Suite versions prior to 18.2.0 are affectedVulnerability-related.DiscoverVulnerability. The fourth security flaw , CVE-2018-0377 , affectsVulnerability-related.DiscoverVulnerabilitythe Open Systems Gateway initiative ( OSGi ) interface of Cisco Policy Suite . There is a lack of authentication within the OSGi interface which permits attackers to circumvent security processes and directly connect to the interface , access any files contained within they wish , and modify any content which is accessible through the process . This vulnerability impactsVulnerability-related.DiscoverVulnerabilityPolicy Suite versions prior to 18.1.0 . There are no workarounds to circumvent these vulnerabilities . However , patches have been issued to addressVulnerability-related.PatchVulnerabilitythem and Cisco says that no reports have been received which indicate the bugs are being exploitedVulnerability-related.DiscoverVulnerabilityin the wild . In addition , Cisco has revealedVulnerability-related.DiscoverVulnerabilityseven now-patched bugs affectingVulnerability-related.DiscoverVulnerabilitySD-WAN solutions . The vulnerabilities included command injection security flaws , a remote code execution bug , and arbitrary file overwrite issues .
Cisco has resolvedVulnerability-related.PatchVulnerabilitya set of critical vulnerabilities in Policy Suite which permit attackers to cause havoc in the software 's databases . This week , the tech giant releasedVulnerability-related.PatchVulnerabilitya security advisory detailing four vulnerabilities which could place enterprise users at risk of information leaks , account compromise , database tampering , and more . The first vulnerability , CVE-2018-0374 , has earned a CVSS base score of 9.8 . Described asVulnerability-related.DiscoverVulnerabilityan unauthenticated bypass bug , the security flaw `` could allow an unauthenticated , remote attacker to connect directly to the Policy Builder database , '' according to Cisco . The bug has been caused by a simple lack of authentication and as there is no requirement for identity verification , Policy Builder databases can be accessed and tampering with without limitation . Cisco Policy Suite releases prior to 18.2.0 are affectedVulnerability-related.DiscoverVulnerability. The second vulnerability , CVE-2018-0375 , is a default password error . The CVSS 9.8 bug is present inVulnerability-related.DiscoverVulnerabilitythe Cluster Manager of Cisco Policy Suite and could allow an unauthenticated , remote attacker to log in to a vulnerable system using a root account . The serious security problem has emergedVulnerability-related.DiscoverVulnerabilitydue to the use of undocumented , static user credentials for root accounts . If a hacker has knowledge of these credentials , they can become a root user and are able to execute arbitrary commands . Versions of the software prior to 18.2.0 are vulnerableVulnerability-related.DiscoverVulnerabilityto exploit . The third bug , CVE-2018-0376 , is another unauthenticated access problem and is also caused by a lack of authentication measures . `` A successful exploit could allow the attacker to make changes to existing repositories and create new repositories , '' Cisco saysVulnerability-related.DiscoverVulnerability. Cisco Policy Suite versions prior to 18.2.0 are affectedVulnerability-related.DiscoverVulnerability. The fourth security flaw , CVE-2018-0377 , affectsVulnerability-related.DiscoverVulnerabilitythe Open Systems Gateway initiative ( OSGi ) interface of Cisco Policy Suite . There is a lack of authentication within the OSGi interface which permits attackers to circumvent security processes and directly connect to the interface , access any files contained within they wish , and modify any content which is accessible through the process . This vulnerability impactsVulnerability-related.DiscoverVulnerabilityPolicy Suite versions prior to 18.1.0 . There are no workarounds to circumvent these vulnerabilities . However , patches have been issued to addressVulnerability-related.PatchVulnerabilitythem and Cisco says that no reports have been received which indicate the bugs are being exploitedVulnerability-related.DiscoverVulnerabilityin the wild . In addition , Cisco has revealedVulnerability-related.DiscoverVulnerabilityseven now-patched bugs affectingVulnerability-related.DiscoverVulnerabilitySD-WAN solutions . The vulnerabilities included command injection security flaws , a remote code execution bug , and arbitrary file overwrite issues .
After the publication of an article in Security Affairs called `` ClearEnergy ransomware aim to destroy process automation logics in critical infrastructure , SCADA and industrial control systems , '' security researchers used Twitter to bash the company for what they felt were lies about real world attacks , the company orchestrating a media stunt , and not releasing any research they could vet . Following this criticism , the company ended up apologizing , saying they forgot to mention it was only a proof-of-concept ransomware , and promised to release more details in the upcoming days . According to a blog post published a day later , CRITIFENCE experts only revealedVulnerability-related.DiscoverVulnerabilitythey discoveredVulnerability-related.DiscoverVulnerabilitytwo issues in the Modicon Modbus protocol used in PLC ( Programmable Logic Controllers ) , equipment that is often found in industrial facilities all over the world , and used to control and automate sensors and motors . In their blog post , CRITIFENCE experts claimedVulnerability-related.DiscoverVulnerabilityto have developed a proof-of-concept ransomware that can use the two issues ( CVE-2017-6032 and CVE-2017-6034 ) to delete a PLC 's ladder logic diagram , if a ransom isn't paidAttack.Ransomin due time , effectively wiping the PLC 's software . At the time of writing , CRITIFENCE has not published the technical report they promised . Nevertheless , the two security flaws CRITIFENCE discoveredVulnerability-related.DiscoverVulnerabilityare real and have resultedVulnerability-related.PatchVulnerabilityin a patch from Schneider Electric , the PLC vendor whose products are affectedVulnerability-related.DiscoverVulnerability. Earlier this year , researchers from the Georgia Institute of Technology ( GIT ) have created a proof-of-concept ransomware strain named LogicLocker that can alter programmable logic controller ( PLC ) parameters
DiscoveredVulnerability-related.DiscoverVulnerabilityby a security researcher who goes by the name of Zenofex , these security flaws have not been reportedVulnerability-related.DiscoverVulnerabilityto Western Digital , are still unpatchedVulnerability-related.PatchVulnerability, and with public exploit code is available for more than half of the vulnerabilities . According to Zenofex multiple WD MyCloud NAS device models are affectedVulnerability-related.DiscoverVulnerability, such as : Zenofex 's decision not to informVulnerability-related.DiscoverVulnerabilityWestern Digital came after the researcher attended a security conference last year , where other infosec professionals complained about Western Digital ignoring vulnerability reportsVulnerability-related.DiscoverVulnerability. It was at the same conference , Black Hat USA 2016 , where Western Digital also won a Pwnie Award in a category called `` Lamest Vendor Response . '' `` Ignoring these bugs would leave the vulnerable devices online for longer periods while responsible disclosureVulnerability-related.DiscoverVulnerabilityis worked out , '' Zenofex argued his decision not to wait until Western Digital patchesVulnerability-related.DiscoverVulnerabilitythe security bugs . `` Instead we ’ re attempting to alertVulnerability-related.DiscoverVulnerabilitythe community of the flaws and hoping that users remove their devices from any public facing portions of their networks , limiting access wherever possible , '' he added . Zenofex , who 's a member of the Exploitee.rs community , says he foundVulnerability-related.DiscoverVulnerabilitya whopping total of 85 security issues . Based on the exploit code , many of these security flaws can be exploitedVulnerability-related.DiscoverVulnerabilityby altering cookie values or embedding shell commands in cookie parameters . When the image loads inside their browser , the exploit code executes against the local NAS drive and takes over the device . The most severe of these issues , according to Zenofex , is authentication bypass issue , which ironically was also the easiest to exploit , requiring only the modification of cookie session parameters . And since Murphy 's Law applies to hardware devices as well , things went wrong all the way , and the commands are n't executed under a limited user , but run under root , giving attackers full control over affected devices , allowing them to upload or download data at will .