Cisco earlier this week disclosed the highest number of security advisories it has issued in a single day for at least a year. The company issued 41 security alerts on Wednesday, including one deemed to pose a critical impact in the secure shell (SSH) key management for Cisco’s Nexus 9000 series Application Centric Infrastructure (ACI) mode switch software.
Cisco also issued 22 security advisories considered to pose a high impact and 18 alerts that pose a medium impact. The company has disclosed 488 security advisories for its equipment and services during the last year, including monthly highs of 67 in March 2019 and 63 in September 2018.
Meanwhile, the 41 security advisories issued on Wednesday is an all-time high for a single day during the last 12 months. Cisco disclosed 42 advisories in April, including critical security alerts for operating systems, routers, and LAN software.
The latest critical vulnerability disclosed by Cisco “could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user,” the company wrote in the advisory. Cisco pins the vulnerability on the default SSH key pair that is present in all Cisco Nexus 9000 series devices.
“An attacker could exploit this vulnerability by opening an SSH connection via IPv6 to a targeted device using the extracted key materials,” Cisco wrote. “This vulnerability is only exploitable over IPv6; IPv4 is not vulnerable.”
Software updates have been released to address the vulnerability and there are no workarounds, according to Cisco. The vulnerability specifically affects the Nexus 9000 series fabric switches in ACI mode that are running a Cisco NX-OS software release prior to 14.1. Cisco says it is not aware of any public announcements or malicious use of the vulnerability.
The 22 high-impact security advisories issued by Cisco affect small business routers RV320 and RV325, Cisco’s IP Phone 7800 and 8800 series, Cisco’s firepower threat defense software, and security appliance software.