Cisco patches multiple vulnerabilities in wireless LAN controllers
Cisco has released patches and workarounds for 16 of its wireless products, removing several denial of service vulnerabilities and a bug that allowed unauthorized access to the system.
The most severe bug affects Cisco's Aironet access points – the Aironet 1260, 2600, 3500 and the 3600 – connected to the company's Wireless LAN Controller, and could allow unauthorized parties to gain privileged access to the affected device.
"An attacker could exploit this vulnerability by attempting to authenticate to an affected device using locally-stored credentials of the AP. A successful attack could allow an attacker to take complete control of the affected AP and make arbitrary changes to the configuration," said Cisco in its security bulletin.
Cisco goes on to say that "in many deployment scenarios, the locally-stored default AP username and password has not been changed from the factory default. In these zero-touch scenarios, the devices are designed to connect automatically to a WLC and download firmware and configurations."
Also patched were a raft of denial of service bugs, ranging from a vulnerability in the WebAuth feature to a vulnerability in the IGMP processing subsystem.
Further details, along with patches, are available from Cisco.