Wednesday, March 26, 2025
Follow us On Linkedin
HomeCVE/vulnerabilityCritical Flaws With Cisco Expressway Series and TelePresence VCS Let Attackers Execute...

Critical Flaws With Cisco Expressway Series and TelePresence VCS Let Attackers Execute Arbitrary Code

CVE/vulnerabilityVulnerability

Published on

By Gurubaran
Critical Flaws With Cisco Expressway Series and TelePresence VCS Let Attackers Execute Arbitrary Code

Supply Chain Attack Prevention

SIEM as a Service

Follow Us on Google News

Cisco recently released a patch for a new generation of exploits that target some of its recently shipped products (Expressway Series and Cisco TelePresence Video Communication Server (VCS)). 

This security flaw leaves these devices susceptible to attacks, leaving them open to widespread vulnerabilities that Cisco promptly addressed by releasing the patch. On successful exploitation of these vulnerabilities, a threat actor can execute arbitrary code.

In total, there are five vulnerabilities, but, among the five, two are critical, and they tracked as:-

These two severe security flaws are related to an arbitrary file write and a command injection flaw in the API and web interfaces of the two that could have serious impacts on affected systems.

While these two critical security bugs were identified by Jason Crowder of the Cisco ASIG (Advanced Security Initiatives Group) during the routine internal security testing.

While other three vulnerabilities are identified in the following products of Cisco:-

  • StarOS
  • Cisco Identity Services Engine RADIUS Service
  • Cisco Ultra Cloud Core

Flaws Identified

Below we have mentioned all the five vulnerabilities that are detected:-

  • CVE-2022-20754: It’s a Cisco Expressway Series and Cisco TelePresence VCS Arbitrary File Write Vulnerability with a CVSS score of 9.0.
  • CVE-2022-20755: It’s a Cisco Expressway Series and Cisco TelePresence VCS Command Injection Vulnerability with a CVSS score of 9.0.
  • CVE-2022-20665: It’s a Cisco StarOS Command Injection Vulnerability with a CVSS score of 6.0.
  • CVE-2022-20756: It’s a Cisco Identity Services Engine RADIUS Service Denial of Service Vulnerability with a CVSS score of 8.6.
  • CVE-2022-20762: It’s a Cisco Ultra Cloud Core – Subscriber Microservices Infrastructure Privilege Escalation Vulnerability with a CVSS score of 7.8.

However, Cisco has claimed that they didn’t see any evidence of exploitation of these security flaws. Cisco uncovered these bugs while carrying out their own internal security testing or while fixing the bugs reported by the Technical Assistance Center (TAC). 

They played around with the idea that you couldn’t massively hack into devices if the misconfigurations were identified, cleared up, and fixed straight away.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.

Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

Browser

Cybercriminals Bypass Security Using Legitimate Tools & Browser Extensions to Deliver Malware

In the second half of 2024, cybercriminals have increasingly leveraged legitimate Microsoft tools and...
AI

Malicious AI Tools See 200% Surge as ChatGPT Jailbreaking Talks Increase by 52%

The cybersecurity landscape in 2024 witnessed a significant escalation in AI-related threats, with malicious...
cyber security

Banking Malware Infects 248,000 Mobile Users Through Social Engineering Techniques

In 2024, the number of users affected by mobile banking malware skyrocketed to nearly...
cyber security

Researchers Compare Malware Development in Rust vs C and C++

Security researcher Nick Cerne from Bishop Fox has published findings comparing malware development in...

Supply Chain Attack Prevention

Free Webinar - Supply Chain Attack Prevention

Recent attacks like Polyfill[.]io show how compromised third-party components become backdoors for hackers. PCI DSS 4.0’s Requirement 6.4.3 mandates stricter browser script controls, while Requirement 12.8 focuses on securing third-party providers.

Join Vivekanand Gopalan (VP of Products – Indusface) and Phani Deepak Akella (VP of Marketing – Indusface) as they break down these compliance requirements and share strategies to protect your applications from supply chain attacks.

Discussion points

Meeting PCI DSS 4.0 mandates.
Blocking malicious components and unauthorized JavaScript execution.
PIdentifying attack surfaces from third-party dependencies.
Preventing man-in-the-browser attacks with proactive monitoring.

Register Now

More like this

CVE/vulnerability

Ingress NGINX RCE Vulnerability Allows Attackers to Compromise Entire Cluster

A series of remote code execution (RCE) vulnerabilities known as "IngressNightmare" have been discovered...
cyber security

Enhancing Satellite Security by Encrypting Video Data Directly on Payloads

The rapid expansion of low-Earth orbit (LEO) satellite constellations has underscored the need for...
cyber security

CleanStack: Dual-Stack Solution to Defend Against Memory Corruption Attacks

CleanStack is a novel stack protection mechanism designed to combat memory corruption attacks, which...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2025 GBHackers On Security - All Rights Reserved