Thursday, March 28, 2024

Cisco StarOS Flaw Let Attackers Gain Remote Code Execution on Vulnerable Device

Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS Software had multiple vulnerabilities which could allow an unauthenticated attacker to execute arbitrary commands or disclose sensitive information with “root” privileges. These vulnerabilities were found during Internal Security Testing. It seems that there was no workaround for these vulnerabilities. Cisco’s PSIRT claims that no public announcement has been made on malicious use of this vulnerability.

Products Affected

As Cisco states,” These Vulnerabilities affect Cisco RCM for Cisco StarOS Software”. Cisco has also released the Fixed software section and list of Products that are Vulnerable.

Fixed Releases

Cisco has released software updates to fix the issues. It has advised its customers to upgrade to appropriate fixed software releases.

Cisco RCM for StarOS ReleaseFirst Fixed Release 
Earlier than 21.25Migrate to a fixed release.
21.2521.25.4

Details of the Vulnerabilities

On investigating further, Cisco found that the vulnerabilities are not dependent on one another. In other words, exploitation of one vulnerability will not affect the other.

CVE-2022-20649: Cisco RCM Debug Remote Code Execution Vulnerability

Cisco RCM for Cisco StarOS Software allows an attacker to execute arbitrary commands with root privileges within the configured container. This Vulnerability was due to incorrectly enabled debug mode. When debug mode is enabled, an attacker can connect to the device navigate to the service and exploit it.

Bug ID(s): CSCvy80878

CVE IDs: CVE-2022-20649

Security Impact Rating (SIR): Critical

CVSS Base Score: 9.0

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CVE-2022-20648: Cisco RCM Debug Information Disclosure Vulnerability

Cisco RCM for Cisco StarOS Software can use the debug function to perform actions that could result in Sensitive Information Disclosure which must be restricted. This Vulnerability was due to a debug service that incorrectly listens and accepts incoming connections. An attacker with a successful exploit can connect to the debug port to execute debug commands to view sensitive debugging information.

Bug ID(s): CSCvy80857

CVE IDs: CVE-2022-20648

Security Impact Rating (SIR): Medium

CVSS Base Score: 5.3

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Cisco has released software patches to fix these vulnerabilities. As previously stated, there are no workaround for these vulnerabilities.

Website

Latest articles

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...

Beware of Free Android VPN Apps that Turn Your Device into Proxies

Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user...

ZENHAMMER – First Rowhammer Attack Impacting Zen-based AMD Platforms

Despite AMD's growing market share with Zen CPUs, Rowhammer attacks were absent due to...

Airbus to Acquire INFODAS to Strengthen its Cybersecurity Portfolio

Airbus Defence and Space plans to acquire INFODAS, a leading cybersecurity and IT solutions...
Balaji
Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles