What is the severity of CVE-2018-0088?

CVE-2018-0088 has a severity rating that indicates potential for stability impacts and possible arbitrary code execution.

How do I fix CVE-2018-0088?

To mitigate CVE-2018-0088, update to the latest version of the affected Cisco Industrial Ethernet 4010 Series Firmware.

Who is affected by CVE-2018-0088?

CVE-2018-0088 affects devices running vulnerable versions of Cisco IOS Software on Cisco Industrial Ethernet 4010 Series Switches.

What can an attacker do with CVE-2018-0088?

An authenticated, local attacker could exploit CVE-2018-0088 to cause denial of service or arbitrary code execution.

Is CVE-2018-0088 easy to exploit?

Exploitation of CVE-2018-0088 requires local access and authentication to the affected device, which may limit its attack surface.

Vulnerability/
CVE-2018-0088

high

7.2

CWE

732 399

18/1/2018

2/12/2024

CVE-2018-0088

First published: Thu Jan 18 2018(Updated: )

A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the stability of the device. This could result in arbitrary code execution or a denial of service (DoS) condition. The attacker has to have valid user credentials at privilege level 15. The vulnerability is due to a diagnostic test CLI command that allows the attacker to write to the device memory. An attacker could exploit this vulnerability by authenticating to the targeted device and issuing a specific diagnostic test command at the CLI. An exploit could allow the attacker to overwrite system memory locations, which could have a negative impact on the stability of the device. Cisco Bug IDs: CSCvf71150.

Credit: ykramarz@cisco.com

Affected Software	Affected Version	How to fix
Cisco Industrial Ethernet 4010 Series Firmware
Cisco IE-4010-16S12P Industrial Ethernet Switch
Cisco IE-4010-4S24P

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2018-0088?
CVE-2018-0088 has a severity rating that indicates potential for stability impacts and possible arbitrary code execution.
How do I fix CVE-2018-0088?
To mitigate CVE-2018-0088, update to the latest version of the affected Cisco Industrial Ethernet 4010 Series Firmware.
Who is affected by CVE-2018-0088?
CVE-2018-0088 affects devices running vulnerable versions of Cisco IOS Software on Cisco Industrial Ethernet 4010 Series Switches.
What can an attacker do with CVE-2018-0088?
An authenticated, local attacker could exploit CVE-2018-0088 to cause denial of service or arbitrary code execution.
Is CVE-2018-0088 easy to exploit?
Exploitation of CVE-2018-0088 requires local access and authentication to the affected device, which may limit its attack surface.

agent/references
agent/type
agent/weakness
agent/softwarecombine
agent/severity
agent/first-publish-date
agent/author
agent/description
agent/event
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
vendor/cisco
canonical/cisco industrial ethernet 4010 series firmware
canonical/cisco ie-4010-16s12p industrial ethernet switch
canonical/cisco ie-4010-4s24p

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.