Cisco patches Secure Internet Gateway service

walden, system, systems, walden systems, rita, firewall, port, forward, up, protect, intrusion, security, traffic, DMZ, block, protection, walden systems, walden, systems, network, fire, wall, hack, intrusion, cisco, router, network, switch, hub, IoT, traffic
Rita gives you full control of what sites your employees visit. Rita can block sites that eat up your precious bandwidth such as media streaming sites. Rita enables you full control of what sites your employees can and cannot visit. Rita gives you the ability to block undesirable sites by wildcard or by name. Rita gives you the ability to determine which computers will be blocked and which will be allowed. With Rita, you can block access to sensitive servers within your LAN.



     Two high-severity bugswere disclosed in Cisco's security platform that could give hackers administrative privileges and take full control of the impacted machine. The security flaws affect two parts of Cisco Umbrella, a secure internet gateway that acts as a cloud based security service for corporate networks. Cisco's Umbrella ERC and Umbrella Roaming Module are affected by these flaws. The vulnerabilities from an improper implementation of file system permissions in the ERC, which could allow non administrative users to write files in restricted directories. Both vulnerabilities have been added to the Common Vulnerabilities and Exposure list ( CVE ) as CVE-2018-0437 and CVE-2018-0438.

     The flaws affects Cisco Umbrella ERC releases up to 2.1.118 and Cisco Umbrella Roaming Module releases up to 4.6.1098. Cisco has already released fixes for Cisco Umbrella ERC releases 2.1.118 and later and Cisco Umbrella Roaming Module for Cisco AnyConnect releases 4.6.1098 and later. The flaw is in a service called Umbrella_RC in Umbrella Roaming Client from Cisco OpenDNS. The service, which is executed as SYSTEM on startup. Quentin Rhoads an offensive security manager at Critical Start, who first discovered the flaw, was able to perform a proof of concept where he placed a malicious file containing exploit code in C:ProgramDataOpenDNS where the application added a user to the admistrator group.




     Cisco has released patches for the vulnerabilities so IT administrators should patch their systems immediately since there are no other workarounds for these flaws.