Home & Office

Cisco: These Wi-Fi access points are easily owned by remote hackers, so patch now

Cisco is urging customers with Aironet Wi-Fi access points to address four separate security flaws.
Written by Liam Tung, Contributing Writer on

Hackers from afar can mess around with Cisco's Aironet industrial and business Wi-Fi access points because the devices have flawed URL access controls, Cisco has warned customers. 

The critical Aironet flaw has been assigned the identified CVE-2019-15260 and has a CVSS v3 score of 9.8 out of 10. 

The bug affects several Aironet product lines, including access points for industrial customers. It can be exploited by a remote attacker without the correct credentials, who could then tamper with device settings with elevated privileges or view sensitive corporate information. 

Cisco hasn't divulged much information about the flaw, but the company admits that affected Aironet Wi-Fi boxes don't currently implement sufficiently strong access controls for "certain URLs". The attacker could exploit the bug by requesting "specific URLs" from the affected access point.

If an attacker successfully exploits the flaw, they could change the device's network configuration, as well as potentially knock out the device and cause a denial of service on computer equipment connected to it. 

"An exploit could allow the attacker to gain access to the device with elevated privileges. While the attacker would not be granted access to all possible configuration options, it could allow the attacker to view sensitive information and replace some options with values of their choosing, including wireless network configuration," said Cisco

Affected product lines include the Aironet 1540 series, 1560 series, 1800 series, 2800 series, 3800 series, and 4800 access points. 

Cisco notes that there are no workarounds for this issue, so the only option to secure the devices is to install a fixed release. 

Cisco also cautions customers that when attempting to install fixed software, they should treat the critical flaw as part of a collection of fixes.

This collection includes two more high-severity denial-of-service flaws affecting Aironet software – CVE-2019-15264 and CVE-2019-15261 – and one high-severity denial-of-service vulnerability, CVE-2019-15262, in the Secure Shell session management for the Cisco Wireless LAN Controller software

At present Cisco isn't aware of any attempts to exploit the bugs and they were all discovered while Cisco was handling a customer-support query.

More on Cisco and networking security

  • Cisco warning: These routers running IOS have 9.9/10-severity security flaw
  • Patch now: Cisco IOS XE routers exposed to rare 10/10-severity security flaw  
  • Seriously? Cisco put Huawei X.509 certificates and keys into its own switches
  • New Cisco critical bugs: 9.8/10-severity Nexus security flaws need urgent update
  • Cisco critical-flaw warning: These two bugs in our data-center gear need patching now
  • Cisco alert: Patch this dangerous bug open to remote attacks via malicious ads
  • Thrangrycat flaw lets attackers plant persistent backdoors on Cisco gear
  • Cisco's warning: Patch now, critical SSH flaw affects Nexus 9000 fabric switches
  • Cisco warns over critical router flaw
  • Cisco: These are the flaws DNS hijackers are using in their attacks
  • Cisco bungled RV320/RV325 patches, routers still exposed to hacks
  • Cisco tells Nexus switch owners to disable POAP feature for security reasons
  • Cisco: Patch routers now against massive 9.8/10-severity security hole
  • How to improve cybersecurity for your business: 6 tips TechRepublic
  • New cybersecurity tool lets companies Google their systems for hackers CNET
  • Editorial standards