Published on: 17 October 2019
Cisco released security advisories to address the vulnerabilities in Cisco Aironet Access Points (APs). An unauthenticated remote attacker could exploit the vulnerabilities by requesting specific URLs from an affected AP, passing a specially crafted GRE frame through an affected AP, or sending a burst of wireless management frames to an affected AP.
For detailed information on the affected products, please refer to the "Affected Products" section of the corresponding security advisory on the vendor's website.
Depending on the vulnerability exploited, successful exploitation could lead to privilege escalation or denial of service on an affected system.
Software updates for affected systems are now available. System administrators of affected systems should follow the recommendations provided by the product vendor and take immediate action to mitigate the risk. For detailed information on the available patches, please refer to the "Fixed Software" section of the corresponding security advisory on the vendor's website.
System administrators should contact their product support vendors for the fixes and assistance.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-unauth-access
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-pptp-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-capwap-dos
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-dos
https://www.hkcert.org/my_url/en/alert/19101701
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15260
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15261
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15264
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15265