Remote Access Vulnerability in Cisco Small Business Switches

Last week a vulnerability was discovered in Cisco devices, such as the Small Business 200 series which equips users with a default admin account and password. This ‘feature’ could allow unauthorized remote access to the network, where the attacker has admin rights.

This vulnerability (CVE-2018-15439) resides in the following Cisco products:

• Small Business 200 Series Smart Switches
• 300 Series Managed Switches
• 250 Series Smart Switches
• 500 Series Stackable Managed Switches
• 350 Series Managed Switches
• 350X Series Stackable Managed Switches
• 550X Series Stackable Managed Switches

Although an update has not been released, Cisco has advised users to have one level 15 privilege account configured at all times. This will keep the default account deactivated. Additional measures include defining the password, replacing ‘strong_password’ with a stronger, modified password.