Wednesday, April 17, 2024

Critical Flaws With Cisco Expressway Series and TelePresence VCS Let Attackers Execute Arbitrary Code

Cisco recently released a patch for a new generation of exploits that target some of its recently shipped products (Expressway Series and Cisco TelePresence Video Communication Server (VCS)). 

This security flaw leaves these devices susceptible to attacks, leaving them open to widespread vulnerabilities that Cisco promptly addressed by releasing the patch. On successful exploitation of these vulnerabilities, a threat actor can execute arbitrary code.

In total, there are five vulnerabilities, but, among the five, two are critical, and they tracked as:-

These two severe security flaws are related to an arbitrary file write and a command injection flaw in the API and web interfaces of the two that could have serious impacts on affected systems.

While these two critical security bugs were identified by Jason Crowder of the Cisco ASIG (Advanced Security Initiatives Group) during the routine internal security testing.

While other three vulnerabilities are identified in the following products of Cisco:-

  • StarOS
  • Cisco Identity Services Engine RADIUS Service
  • Cisco Ultra Cloud Core

Flaws Identified

Below we have mentioned all the five vulnerabilities that are detected:-

  • CVE-2022-20754: It’s a Cisco Expressway Series and Cisco TelePresence VCS Arbitrary File Write Vulnerability with a CVSS score of 9.0.
  • CVE-2022-20755: It’s a Cisco Expressway Series and Cisco TelePresence VCS Command Injection Vulnerability with a CVSS score of 9.0.
  • CVE-2022-20665: It’s a Cisco StarOS Command Injection Vulnerability with a CVSS score of 6.0.
  • CVE-2022-20756: It’s a Cisco Identity Services Engine RADIUS Service Denial of Service Vulnerability with a CVSS score of 8.6.
  • CVE-2022-20762: It’s a Cisco Ultra Cloud Core – Subscriber Microservices Infrastructure Privilege Escalation Vulnerability with a CVSS score of 7.8.

However, Cisco has claimed that they didn’t see any evidence of exploitation of these security flaws. Cisco uncovered these bugs while carrying out their own internal security testing or while fixing the bugs reported by the Technical Assistance Center (TAC). 

They played around with the idea that you couldn’t massively hack into devices if the misconfigurations were identified, cleared up, and fixed straight away.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.


Latest articles

Trustifi’s Email Security Awareness Training – Empowering MSPs to Train & Protect Clients

In today's digital landscape, email security has become a critical concern for businesses of...

Personal Data Exposed in Massive Global Hack: Understanding the Implications & Guarding Privacy- Axios Security Group

In a digital age where information is the new currency, the recent global hack...

Ex-Security Engineer Jailed For Hacking Decentralized Cryptocurrency Exchanges

Ahmed exploited a vulnerability in a decentralized cryptocurrency exchange's smart contract by injecting fabricated...

Omni Hotels & Resorts Hack: Attackers have Stolen Customer Information

Omni Hotels & Resorts has revealed that it was the target of a recent...

Connect:fun Attacking Organizations Running Fortinet’s FortiClient EMS

A new exploit campaign has emerged, targeting organizations that utilize Fortinet’s FortiClient EMS.Dubbed...

TA558 Hackers Compromised 320+ Organizations’ FTP & SMTP Servers

TA558, a financially motivated threat actor identified in 2018, is targeting several countries but...

Blackjack Hackers Destroyed 87,000 Sensors Using Lethal ICS Malware

A group of cybercriminals known as "Blackjack" has launched a devastating attack on industrial...
Guru baran
Guru baran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Top 3 SME Attack Vectors

Securing the Top 3 SME Attack Vectors

Cybercriminals are laying siege to small-to-medium enterprises (SMEs) across sectors. 73% of SMEs know they were breached in 2023. The real rate could be closer to 100%.

  • Stolen credentials
  • Phishing
  • Exploitation of vulnerabilities

Related Articles