Rewterz Threat Alert – WSHRAT aka Houdini – Active IOCs
May 18, 2023Rewterz Threat Advisory – Multiple Cisco Small Business Series Switches Vulnerabilities
May 18, 2023Rewterz Threat Alert – WSHRAT aka Houdini – Active IOCs
May 18, 2023Rewterz Threat Advisory – Multiple Cisco Small Business Series Switches Vulnerabilities
May 18, 2023Severity
High
Analysis Summary
CVE-2022-208640
Cisco IOS XE ROM Monitor could allow a physically proximate attacker to obtain sensitive information, caused by a problem with the file and boot variable permissions in ROMMON. By rebooting the switch into ROMMON and entering specific commands through the console, an attacker could exploit this vulnerability to read any file or reset the enable password.
Impact
- Information Disclosure
Indicators Of Compromise
CVE
- CVE-2022-208640
Affected Vendors
Cisco
Affected Products
- Cisco Catalyst 9200 Series Switches
- Cisco Catalyst 9300 Series Switches
- Cisco Catalyst 9500 Series Switches
- Cisco Catalyst 9400 Series Switches
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.