Cisco switches from the Small Business series pose a security threat to admins who use them in the network. It is advisable to update the switches immediately to avoid any potential attack by cybercriminals. Attackers could leverage the critical vulnerabilities to execute malicious code with root privileges, with exploit code already in circulation.
Developers warn that four of the nine vulnerabilities are classified as “critical,” meaning the threat level posed by them is high. Remote attackers can attack the web interface with crafted requests without authentication, leading to memory errors, and in turn, execution of malicious code with root privileges that would compromise the device. Cisco states that the vulnerabilities are not linked, meaning attackers can exploit each vulnerability individually.
The affected models include 250 Series Smart Switches, 350 Series Managed Switches, 350X Series Stackable Managed Switches, 550X Series Stackable Managed Switches, and the Business 250 and 350 Series Smart Switches. However, the devices 220 Series Smart Switches and Business 220 Series Smart Switches are not affected.
It is worth noting that support for the 200, 300, and 500 series switches has expired. Therefore, these devices will not receive any security updates, making them unsafe for use. Admins should thus consider discontinuing the use of such switches if they have them in their network.
Besides the switches, other Cisco products such as Identity Services Engine and Smart Software Manager are also affected. Cybercriminals can take advantage of the vulnerabilities to execute their commands.
In summary, admins using Cisco switches from the Small Business series should update their devices quickly to stay ahead of potential cyberattacks. Also, they should consider retiring the unsupported switches for security reasons and be on the lookout for other Cisco products that might contain vulnerabilities.