Cisco on Wednesday announced the release of patches for several high-severity vulnerabilities in its products, including a bug reported by the National Security Agency (NSA).
Tracked as CVE-2022-20783 (CVSS score of 7.5), the NSA-reported flaw is a denial of service (DoS) issue in TelePresence Collaboration Endpoint (CE) and RoomOS software, which could be exploited remotely, without authentication.
Insufficient input validation, Cisco explains, allows an attacker to send crafted H.323 traffic to a vulnerable device and cause it to reboot, either normally or in maintenance mode, thus creating a DoS condition.
Cisco patched the security hole with TelePresence CE releases 9.15.10.8 and 10.11.2.2 and with the RoomOS January 2022 release.
Another high-severity vulnerability that Cisco addressed this week is CVE-2022-20732 (CVSS score of 7.8), which is described as an elevation of privilege issue in the company’s Virtualized Infrastructure Manager (VIM) product.
Improper access permissions in VIM allow an authenticated, local attacker to access specific configuration files they should not have access to. The attacker could then obtain internal database credentials and use them to view and modify database contents.
“The attacker could use this access to the database to elevate privileges on the affected device,” Cisco says.
The vulnerability was resolved with the release of Virtualized Infrastructure Manager Software version 4.2.2. If updating to a patched release is not possible, users should connect to the device’s CLI as root and secure permissions to the affected files, the tech giant notes in its advisory.
This week, Cisco also removed a static SSH host key in Umbrella virtual appliance (VA) release 3.3.2, which could be abused by an unauthenticated, remote attacker to impersonate a VA.
“An attacker could exploit this vulnerability by performing a man-in-the-middle attack on an SSH connection to the Umbrella VA. A successful exploit could allow the attacker to learn the administrator credentials, change configurations, or reload the VA,” Cisco says.
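One fleet check that follows from the Umbrella VA issue: a static host key means several appliances present the same SSH key, so a defender can spot it by comparing host-key fingerprints across hosts. This added example (not Cisco's code; hostnames and key bytes are constructed placeholders) parses ssh-keyscan-style output and reports any fingerprint presented by more than one host.

```python
import base64
import hashlib
import struct
from collections import defaultdict

def ssh_string(data: bytes) -> bytes:
    """Encode one SSH wire-format string (uint32 length + bytes)."""
    return struct.pack(">I", len(data)) + data

def ed25519_blob(pub32: bytes) -> str:
    """Build the base64 key blob ssh-keyscan prints for an ssh-ed25519 key."""
    return base64.b64encode(ssh_string(b"ssh-ed25519") + ssh_string(pub32)).decode()

# Constructed sample fleet: the 32-byte values are placeholders, not real keys.
# va-1 and va-2 share one key, as appliances shipping a static host key would.
SHARED_KEY = bytes(range(32))
UNIQUE_KEY = bytes(range(32, 64))
SAMPLE_KEYSCAN = "\n".join([
    f"va-1.example.test ssh-ed25519 {ed25519_blob(SHARED_KEY)}",
    f"va-2.example.test ssh-ed25519 {ed25519_blob(SHARED_KEY)}",
    f"va-3.example.test ssh-ed25519 {ed25519_blob(UNIQUE_KEY)}",
])

def fingerprint(blob_b64: str) -> str:
    """OpenSSH-style SHA256 fingerprint of a base64 host-key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def shared_host_keys(keyscan_output: str) -> dict[str, list[str]]:
    """Map each fingerprint to the hosts presenting it, keeping only those
    seen on more than one host. Input lines look like 'host keytype blob'."""
    by_fp: dict[str, list[str]] = defaultdict(list)
    for line in keyscan_output.splitlines():
        if not line or line.startswith("#"):   # ssh-keyscan may emit comment lines
            continue
        parts = line.split()
        if len(parts) < 3:
            continue
        host, blob = parts[0], parts[2]
        fp = fingerprint(blob)
        if host not in by_fp[fp]:
            by_fp[fp].append(host)
    return {fp: hosts for fp, hosts in by_fp.items() if len(hosts) > 1}

if __name__ == "__main__":
    for fp, hosts in shared_host_keys(SAMPLE_KEYSCAN).items():
        print(f"{fp} presented by {len(hosts)} hosts: {', '.join(hosts)}")
```

Feed it the output of `ssh-keyscan` run against your appliance inventory; any fingerprint listed is a key that should be unique but is not.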
Cisco also fixed roughly ten medium-severity vulnerabilities this week, including cross-site scripting (XSS), arbitrary file read, file decryption bypass, DoS, SQL injection, and cross-site request forgery (CSRF) bugs.
More from Ionut Arghire