⚡ TL;DR | Go Straight to the Cisco Small Business Series Vulnerability Audit Report
Cisco has released security updates for their Small Business Series Switches to address a number of critical buffer overflow vulnerabilities. The issues could allow an unauthenticated remote attacker to cause a denial of service or execute arbitrary code. To help you locate vulnerable switches, a new vulnerability report has been added to your Lansweeper installation. Make sure to install the updates as soon as possible to protect your network.
9 Severe to Critical Vulnerabilities
In total, the new security update addresses 9 vulnerabilities, all with CVSS base scores ranging from 9.8 (critical) to 7.5 (severe). None of the vulnerabilities are dependent on one another. The most important ones are 4 Buffer overflow vulnerabilities (CVE-2023-20159, CVE-2023-20160, CVE-2023-20161, and CVE-2023-20189). They are caused by improper validation of requests sent to the targeted switches' web interfaces. A remote, unauthenticated attacker could exploit these issues in order to execute arbitrary code or to cause denial of service, without the need for user interaction.
So far, there are no reports that any of the issues addressed in the update are being exploited in the wild. However, Cisco also says that it is aware that proof-of-concept exploit code is available.
Update Vulnerable Cisco Small Business Series Switches
In order to protect your network you should update any vulnerable Small Business Series switches as soon as possible. There are no workarounds available for these issues You can find a list of affected devices and the fixed version below. You can find all details regarding the patches in Cisco's advisory. You can download the updated firmware from the software center.
|Affected Products||Cisco Firmware Release||First Fixed Release|
|250 Series Smart Switches||22.214.171.124 and earlier||126.96.36.199|
|350 Series Managed Switches||188.8.131.52 and earlier||184.108.40.206|
|350X Series Stackable Managed Switches||220.127.116.11 and earlier||18.104.22.168|
|550X Series Stackable Managed Switches||22.214.171.124 and earlier||126.96.36.199|
|Business 250 Series Smart Switches||188.8.131.52 and earlier||184.108.40.206|
|Business 350 Series Managed Switches||220.127.116.11 and earlier||18.104.22.168|
|Small Business 200 Series Smart Switches|
|Small Business 300 Series Managed Switches|
|Small Business 500 Series Stackable Managed Switches|
Note that Cisco will not be releasing firmware updates for these vulnerabilities for the Cisco Small Business 200 Series Smart Switches, Small Business 300 Series Managed Switches, and Small Business 500 Series Stackable Managed Switches. These have already entered their end-of-life process and are no longer eligible for updates.
Discover Vulnerable Cisco Switches
Our technical team has put together a special report to help you find all vulnerable Cisco Small Business Series switches in your network. It will give you a list of all switches that haven't been updated yet. This way you have an actionable list of devices that are still at risk and you can take action accordingly. You can get to the report via the link below.