Engineers at Cisco have raced against time to avoid a catastrophic dark web attack, which could’ve crippled the service of numerous technology giants using the company’s software. The story first appeared on the PortSwigger cyber security news site. The report detailed several serious RCE threats uncovered by Cisco’s engineers. To prevent a devastating dark web hack on the network systems of the company’s clients, Cisco issued a patch that focuses on the vulnerabilities discovered in its Cisco Redundancy Configuration Manager (RCM).
Reportedly, the critical flaw in the telco-focused Cisco StarOS software could be exploited by dark web hackers, who could perform attacks through remote code execution.
If deep web hackers had discovered the critical flaw in the Cisco StarOS software, the domino effect would have been beyond devastating. The Cisco network is linked to countless telecommunication service providers as well as many Fortune 500 companies that utilize Cisco’s virtual mobile networks.
In addition, it is Cisco’s RCM management technology that manages multiple virtualized systems for many communication companies. The failover from these systems provides billing, along with many other telecom services. And with that, there are multiple parallel systems responsible for the reliable function of the entire telecommunications mobile network system.
Sensitive Data Loss
On January 19, 2022, Cisco issued a security update advising its large client base that the software vulnerability discovered by its team of engineers had been resolved. The tech networking giant further stressed that the problem could’ve allowed an “unauthenticated, remote attacker to steal and disclose sensitive information. Furthermore, dark web hackers could have also executed arbitrary commands as the root user in the context of the configured container”.
According to the company’s report, CVE-2022-20649 stems from a development-stage mode that was left intact instead of being disabled by the engineers. And without disabling and debugging the software from that mode, it could have been easily compromised by dark web hackers if found in that vulnerable state.
Accordingly, if that dark web attack had occurred, it would have been classified with a CVSS maximum rating of 9.0. However, Cisco stated that, even with the severity of the flaw, the software vulnerability could only be breached if the required reconnaissance was authenticated by the dark web hacker.
A Second Data Leak Risk
Just this past week, another dark web attack was averted by Cisco when the company released another software update to fix another vulnerability found in its RCM system.
And while the recent discovery was less severe, the update for the security problem, classified as CVE-2022-20648, prevents the leakage of critical information. This would have happened because the debugging service was incorrectly set to accept and listen for incoming connections.
A cautionary statement provided by Cisco states that it is difficult to protect against a dark web hacking attack. However, customers should always protect themselves by applying the latest software updates.
With the two vulnerabilities discovered during security testing, Cisco engineers provided a list of advisory measures, which are listed online at Cisco’s security center.