Skip to content

Cisco Vulnerability in Discontinued Small Business Routers - 20240408002

Overview

Cisco has released a security advisory to address a Critical vulnerability in Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers. Vulnerability could allow a remote attacker to bypass authentication or execute arbitrary commands on the underlying operating system of an affected device.

What is vulnerable?

Product(s) Affected CVE Severity CVSS
RV016 Multi-WAN VPN Routers
RV042 Dual WAN VPN Routers
RV042G Dual Gigabit WAN VPN Routers
RV082 Dual WAN VPN Routers
RV320 Dual Gigabit WAN VPN Routers
RV325 Dual Gigabit WAN VPN Routers
CVE-2024-20362 Medium 6.1

What has been observed?

There is no evidence of exploitation affecting Western Australian Government networks at the time of publishing.

Recommendation

The WA SOC recommends administrators apply the solutions as per vendor instructions to all affected devices within expected timeframe of one month... (refer Patch Management):

Additional References