Cisco on Wednesday announced patches for a critical-severity vulnerability in the Unity Connection unified messaging and voicemail solution.
The issue, tracked as CVE-2024-20272, can be exploited remotely, without authentication, to upload arbitrary files to a system, execute commands on the underlying operating system, and elevate privileges to root.
“This vulnerability is due to a lack of authentication in a specific API and improper validation of user-supplied data. An attacker could exploit this vulnerability by uploading arbitrary files to an affected system,” Cisco explains in its advisory.
Cisco Unity Connection versions 188.8.131.5217-4 and 184.108.40.20606-5 resolve the flaw. Both are engineering special releases and Cisco customers are advised to contact the tech giant to receive them.
According to Cisco, there are no workarounds available for this vulnerability. The tech company is not aware of any in-the-wild exploitation of the bug.
On Wednesday, however, the company warned that proof-of-concept (PoC) code has been released for a medium-severity security defect in WAP371 Wireless-AC/N dual radio access point, which has been discontinued.
Tracked as CVE-2024-20287, the flaw impacts the web-based management interface of WAP371 devices with Single Point Setup and could lead to command injections.
Described as an improper validation of user-supplied input, the bug allows an attacker authenticated as an administrator to send crafted HTTP requests to the interface of a vulnerable device to execute arbitrary commands with root privileges.
Cisco announced in 2019 that WAP371 had reached end-of-life (EOL) status and that no software maintenance releases or bug fixes would be shipped starting September 2020.
The company recommends that customers still using the discontinued product migrate to the Cisco Business 240AC AP.
“The Cisco Product Security Incident Response Team (PSIRT) is aware that proof-of-concept exploit code is available for the vulnerability,” Cisco notes, adding that it has not observed malicious exploitation of the bug.
This week, the company also announced patches for multiple medium-severity flaws in TelePresence Management Suite (TMS), ThousandEyes Enterprise Agent, Evolved Programmable Network Manager (EPNM) and Prime Infrastructure, BroadWorks platform, and Identity Services Engine (ISE).
Additional information can be found on Cisco’s security advisories page.