Severe vulnerabilities found in CMX software and Cisco routers
Cisco fixed 67 high-severity vulnerabilities in the AnyConnect Secure Mobility Client and the RV110W, RV130, RV130W, and RV215W small business routers.
The most dangerous vulnerability relates to the Cisco Connected Mobile Experiences (CMX) software solution used by retailers to provide business analytics or on-site customer experience analysis. The solution uses Cisco wireless infrastructure to collect massive amounts of data from the retailer’s Wi-Fi network, including real-time customer-location tracking.
The vulnerability (CVE-2021-1144) is due to incorrect handling of authorization checks for changing passwords and received a score of 8.8 on the CVSS scale.
“An authenticated attacker without administrative privileges could exploit this vulnerability by sending a modified HTTP request to an affected device. A successful exploit could allow the attacker to alter the passwords of any user on the system, including an administrative user, and then impersonate that user,” explained the experts.
The vulnerability affects Cisco CMX releases 10.6.0, 10.6.1, and 10.6.2 and is patched in Cisco CMX releases 10.6.3 and later.
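As an added illustration that is not Cisco's code and makes no claim about how CMX is implemented, the constructed Python model below shows the bug class behind CVE-2021-1144: a password-change handler that checks only that the caller is authenticated (vulnerable) beside one that also checks that the caller is authorized for the target account (fixed). User names and passwords are constructed sample data.

```python
# Constructed illustration of a missing authorization check on password
# changes (the CVE-2021-1144 bug class). Not Cisco code; names are made up.
from dataclasses import dataclass, field


@dataclass
class User:
    name: str
    password: str          # a real system would store a password hash
    is_admin: bool = False


@dataclass
class PasswordService:
    users: dict = field(default_factory=dict)

    def change_password_vulnerable(self, session_user, target, new_pw):
        # Authentication only: any logged-in user may reset any account,
        # including the administrator's, and then log in as that user.
        if session_user not in self.users:
            raise PermissionError("not authenticated")
        self.users[target].password = new_pw
        return True

    def change_password_fixed(self, session_user, target, new_pw):
        caller = self.users.get(session_user)
        if caller is None:
            raise PermissionError("not authenticated")
        if target not in self.users:
            raise KeyError(target)
        # Authorization: non-admins may only change their own password,
        # regardless of which user name the request names as the target.
        if not caller.is_admin and session_user != target:
            raise PermissionError("not authorized for this account")
        self.users[target].password = new_pw
        return True


def build_demo_service():
    """Constructed sample accounts: one administrator, one ordinary user."""
    svc = PasswordService()
    svc.users["admin"] = User("admin", "admin-secret", is_admin=True)
    svc.users["alice"] = User("alice", "alice-secret")
    return svc


def admin_password_survives(handler_name):
    """Return True if a non-admin's attempt to reset 'admin' is refused."""
    svc = build_demo_service()
    try:
        getattr(svc, handler_name)("alice", "admin", "changed")
    except PermissionError:
        pass
    return svc.users["admin"].password == "admin-secret"
```

The fixed handler keys the decision on the authenticated session, not on a user name supplied in the request, which is the check that must not be skipped.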
Another high-severity vulnerability (CVE-2021-1237) exists in the Cisco AnyConnect Secure Mobility Client for Windows, which provides a wide range of security services (such as remote access, web security features and roaming protection).
A total of 60 issues were found in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W and RV215W routers that could allow a remote, authorized attacker to execute arbitrary code or cause the device to restart unexpectedly, resulting in a denial-of-service condition.
Five more vulnerabilities (CVE-2021-1146, CVE-2021-1147, CVE-2021-1148, CVE-2021-1149, and CVE-2021-1150) were found in the Cisco Small Business RV110W, RV130, RV130W, and RV215W routers. Their exploitation could allow an authorized, remote attacker to inject arbitrary commands with superuser privileges.
More information on security updates can be found in the following Cisco Advisories:
• AnyConnect Secure Mobility Client cisco-sa-anyconnect-dll-injec-pQnryXLf
• Cisco Connected Mobile Experiences cisco-sa-cmxpe-75Asy9k
• Cisco Small Business RV110W, RV130, RV130W, and RV215W routers cisco-sa-rv-command-inject-LBdQ2KRN
• Small Business RV110W, RV130, RV130W, and RV215W routers cisco-sa-rv-overflow-WUnUgv4U
Source: securitylab.ru
15 January 2021