Patch Advisory: Cisco Patches Critical Flaw Impacting Telecom Providers

By Marcos Colon

The critical vulnerability lets hackers target the Cisco Prime Home automated configuration server that communicates with customer equipment, according to the company’s advisory.

“A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated,  remote attacker to bypass authentication and execute actions with administrator privileges,” the advisory said. Versions and above of Cisco Prime Home are affected by the flaw.

If exploited, the vulnerability could ultimately redirect users logged into the Cisco Prime Service Catalog to a phishing site that swipes their credentials, according to a full report on the flaw by CSO Online

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.