TR-21-0034 (Cisco Ürünlerinde Bulunan Zafiyetler)

Genel Bilgi

Cisco RV110W, RV130W ve RV215W router ailesinde farklı zafiyetler tespit edilmiştir.

Etki

Mevcut güvenlik açıklıkları nedeniyle siber saldırganların bu zafiyeti kullanarak saldırılarını gerçekleştirmeleri ihtimal dâhilindedir. Mevcut zafiyetlerin CVE kodları şu şekildedir

CVE-2021-1126, CVE-2021-1145, CVE-2021-1143, CVE-2021-1144, CVE-2021-1146, CVE-2021-1147, CVE-2021-1148, CVE-2021-1149, CVE-2021-1150, CVE-2021-1151, CVE-2021-1152, CVE-2021-1153, CVE-2021-1154, CVE-2021-1155, CVE-2021-1156, CVE-2021-1157, CVE-2021-1158, CVE-2021-1159, CVE-2021-1160, CVE-2021-1161, CVE-2021-1162, CVE-2021-1163, CVE-2021-1164, CVE-2021-1165, CVE-2021-1166, CVE-2021-1167, CVE-2021-1168, CVE-2021-1169, CVE-2021-1170, CVE-2021-1171, CVE-2021-1172, CVE-2021-1173, CVE-2021-1174, CVE-2021-1175, CVE-2021-1176, CVE-2021-1177, CVE-2021-1178, CVE-2021-1179, CVE-2021-1180, CVE-2021-1181, CVE-2021-1182, CVE-2021-1183, CVE-2021-1184, CVE-2021-1185, CVE-2021-1186, CVE-2021-1187, CVE-2021-1188, CVE-2021-1190, CVE-2021-1191, CVE-2021-1192, CVE-2021-1193, CVE-2021-1194, CVE-2021-1195, CVE-2021-1196, CVE-2021-1197, CVE-2021-1198, CVE-2021-1199, CVE-2021-1200, CVE-2021-1201, CVE-2021-1202, CVE-2021-1203, CVE-2021-1204, CVE-2021-1205, CVE-2021-1206, CVE-2021-1207, CVE-2021-1208, CVE-2021-1209, CVE-2021-1210, CVE-2021-1211, CVE-2021-1212, CVE-2021-1213, CVE-2021-1214, CVE-2021-1215, CVE-2021-1216 ve CVE-2021-1217 .

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM), sistem yöneticilerine; Cisco firmasının güvenlik bültenlerini takip etmelerini, bu zafiyet hakkında yayınlanan yama kodunu ivedilikle güncellemelerini önermektedir.

Kaynaklar

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1143

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1144

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1145

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1146

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1147

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1148

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1149

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1150

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1151

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1152

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-1145

2021-01-14