Perfect Vulnerability for Cisco Ultra Reliable Systems



A “Perfect” 10 vulnerability score is not what users of Cisco Ultra-Reliable Wireless Backhaul (URWB) systems were expecting. The recently discovered cybersecurity vulnerability CVE-2024-20418 is remotely exploitable, easy to exploit, and gives full Admin rights to the device. That is potentially a devastating combination (hence the CVSS score of 10)!

Probably some overtime hours are in store for those patching these systems:

- Catalyst IW9165D Heavy Duty Access Points
- Catalyst IW9165E Rugged Access Points and Wireless Clients
- Catalyst IW9167E Heavy Duty Access Points

The more strategic concern is that these devices are the type of systems that would be purchased and installed to protect either very sensitive systems or environments that cannot be easily patched — like Operational Technology (OT). 

Given that a large portion of our Critical Infrastructure uses OT environments, this vulnerability represents a risk to crucial services we all rely upon, including telecommunications, power, water, transportation, and healthcare systems.

Have a good weekend!



Matthew Rosenquist

Cybersecurity Strategist specializing in the evolution of threats, opportunities, and risks in pursuit of optimal security for our digital world.


Cybersecurity Tomorrow

Cybersecurity strategy perspectives for the emerging risks and opportunities of securing our digital world. The insights of today will lead to tomorrow's security, privacy, and safety foundations.
