Cisco this week announced the availability of patches for a critical vulnerability in the Cisco Expressway series and TelePresence Video Communication Server (VCS) products that could allow an attacker to overwrite files on the underlying operating system with root privileges.
According to Cisco, the vulnerability impacts Expressway Control (Expressway-C) and Expressway Edge (Expressway-E) devices, which are meant to enable remote collaboration for both mobile users and teleworkers.
“Multiple vulnerabilities in the API and in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow a remote attacker to overwrite arbitrary files or conduct null byte poisoning attacks on an affected device,” Cisco notes in an advisory.
Tracked as CVE-2022-20812 (CVSS score of 9.0), the critical-severity vulnerability could allow an authenticated attack that has administrator read-write privileges to overwrite files on the underlying operating system remotely, with the privileges of the root user.
The issue exists because user-supplied command arguments are not sufficiently validated, allowing an attacker to submit crafted input to the affected command.
Cisco also resolved a high-severity bug impacting the enterprise communication solutions, which could allow an unauthenticated, remote attacker to access sensitive data.
Tracked as CVE-2022-20813, the issue exists because certificates aren’t properly validated, thus allowing an attacker to set up a man-in-the-middle attack and “intercept the traffic between devices, and then using a crafted certificate to impersonate the endpoint.” The attacker could then view the intercepted traffic in clear text and could even modify the contents of the traffic.
Both issues were addressed with Cisco Expressway series and TelePresence VCS release 14.0.7 and Cisco encourages all customers to update as soon as possible.
This week, Cisco also announced patches for a high-severity vulnerability in Smart Software Manager On-Prem (SSM On-Prem), which could allow a remote, authenticated attacker to cause a denial of service (DoS) condition. Tracked as CVE-2022-20808, the vulnerability was addressed in Cisco SSM On-Prem release 8-202112.
“This vulnerability is due to incorrect handling of multiple simultaneous device registrations on Cisco SSM On-Prem. An attacker could exploit this vulnerability by sending multiple device registration requests to Cisco SSM On-Prem,” the tech giant explains.
Cisco says it’s not aware of any of these vulnerabilities being exploited in attacks. Further information on the latest Cisco patches can be found on the company’s security portal.
Related: Cisco Patches Critical Vulnerability in Email Security Appliance
Related: Cisco Warns of Exploitation Attempts Targeting New IOS XR Vulnerability
Related: Cisco Patches 11 High-Severity Vulnerabilities in Security Products
