Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Vulnerabilities

Cisco Patches Critical Vulnerability in BroadWorks Platform

Cisco has released patches for CVE-2023-20238, a critical authentication bypass vulnerability in the BroadWorks Application Delivery Platform.

Cisco on Wednesday announced patches for a critical-severity vulnerability in the BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform.

Tracked as CVE-2023-20238, the vulnerability affecting the BroadWorks calling and collaboration platform was identified in the single sign-on (SSO) implementation and could be exploited by remote, unauthenticated attackers to forge credentials and access affected systems.

“This vulnerability is due to the method used to validate SSO tokens. An attacker could exploit this vulnerability by authenticating to the application with forged credentials. A successful exploit could allow the attacker to commit toll fraud or to execute commands at the privilege level of the forged account,” Cisco explains in an advisory.

The tech giant notes that the attacker would need a valid user ID associated with the affected BroadWorks system to exploit the flaw. Despite this condition, the vulnerability has a CVSS score of 10.0.

The issue, Cisco says, impacts affected BroadWorks releases running AuthenticationService, BWCallCenter, BWReceptionist, CustomMediaFilesRetrieval, ModeratorClientApp, PublicECLQuery, PublicReporting, UCAPI, Xsi-Actions, Xsi-Events, Xsi-MMTel, or Xsi-VTR.

Cisco BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform version AP.platform.23.0.1075.ap385341 resolves the vulnerability. Cisco also announced independent releases 2023.06_1.333 and 2023.07_1.332 that contain the necessary patches.

On Wednesday, Cisco also released patches for a high-severity denial-of-service (DoS) vulnerability in the Identity Services Engine (ISE).

Tracked as CVE-2023-20243, the issue exists because certain RADIUS accounting requests are not handled properly. An attacker sending crafted requests to a network access device that uses Cisco ISE directly could cause the RADIUS process to restart, denying user access to the network or service.

Advertisement. Scroll to continue reading.

The vulnerability impacts Cisco ISE versions 3.1 and 3.2 only and was addressed with the release of Cisco ISE versions 3.1P7 and 3.2P3.

The tech giant says it is not aware of any of these vulnerabilities being exploited in malicious attacks.

Additional information can be found on Cisco’s product security page.

Related: Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks

Related: Cisco Patches High-Severity Vulnerabilities in Enterprise Applications

Related: PoC Exploit Published for Cisco AnyConnect Secure Vulnerability

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how the LOtL threat landscape has evolved, why traditional endpoint hardening methods fall short, and how adaptive, user-aware approaches can reduce risk.

Watch Now

Join the summit to explore critical threats to public cloud infrastructure, APIs, and identity systems through discussions, case studies, and insights into emerging technologies like AI and LLMs.

Register

People on the Move

Matthew Cowell has assumed the role of VP of Strategic Alliances at Nozomi Networks. He previously served in the same role at Dragos.

Bret Arsenault is retiring from his full-time role after 35 years at Microsoft.

Social engineering defense platform Doppel has appointed Bobby Ford as Chief Strategy and Experience Officer.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.