Cisco on Wednesday announced patches for a critical-severity vulnerability in the BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform.
Tracked as CVE-2023-20238, the vulnerability affecting the BroadWorks calling and collaboration platform was identified in the single sign-on (SSO) implementation and could be exploited by remote, unauthenticated attackers to forge credentials and access affected systems.
“This vulnerability is due to the method used to validate SSO tokens. An attacker could exploit this vulnerability by authenticating to the application with forged credentials. A successful exploit could allow the attacker to commit toll fraud or to execute commands at the privilege level of the forged account,” Cisco explains in an advisory.
The tech giant notes that the attacker would need a valid user ID associated with the affected BroadWorks system to exploit the flaw. Despite this condition, the vulnerability has a CVSS score of 10.0.
The issue, Cisco says, impacts affected BroadWorks releases running AuthenticationService, BWCallCenter, BWReceptionist, CustomMediaFilesRetrieval, ModeratorClientApp, PublicECLQuery, PublicReporting, UCAPI, Xsi-Actions, Xsi-Events, Xsi-MMTel, or Xsi-VTR.
Cisco BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform version AP.platform.23.0.1075.ap385341 resolves the vulnerability. Cisco also announced independent releases 2023.06_1.333 and 2023.07_1.332 that contain the necessary patches.
On Wednesday, Cisco also released patches for a high-severity denial-of-service (DoS) vulnerability in the Identity Services Engine (ISE).
Tracked as CVE-2023-20243, the issue exists because certain RADIUS accounting requests are not handled properly. An attacker sending crafted requests to a network access device that uses Cisco ISE directly could cause the RADIUS process to restart, denying user access to the network or service.
The vulnerability impacts Cisco ISE versions 3.1 and 3.2 only and was addressed with the release of Cisco ISE versions 3.1P7 and 3.2P3.
The tech giant says it is not aware of any of these vulnerabilities being exploited in malicious attacks.
Additional information can be found on Cisco’s product security page.
Related: Cisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS Attacks
Related: Cisco Patches High-Severity Vulnerabilities in Enterprise Applications
Related: PoC Exploit Published for Cisco AnyConnect Secure Vulnerability
More from Ionut Arghire
- Generative AI Startup Nexusflow Raises $10.6 Million
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
- Cloudflare Users Exposed to Attacks Launched From Within Cloudflare: Researchers
- FBI Warns Organizations of Dual Ransomware, Wiper Attacks
- Lumu Raises $30 Million for Threat Detection and Response Platform
- Cisco Warns of IOS Software Zero-Day Exploitation Attempts
- Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Latest News
- Bankrupt IronNet Shuts Down Operations
- AWS Using MadPot Decoy System to Disrupt APTs, Botnets
- Generative AI Startup Nexusflow Raises $10.6 Million
- In Other News: RSA Encryption Attack, Meta AI Privacy, ShinyHunters Hacker Guilty Plea
- Researchers Extract Sounds From Still Images on Smartphone Cameras
- National Security Agency is Starting an Artificial Intelligence Security Center
- CISA Warns of Old JBoss RichFaces Vulnerability Being Exploited in Attacks
- Hackers Set Sights on Apache NiFi Flaw That Exposes Many Organizations to Attacks
