Cisco has released a patch for a critical vulnerability (CVE-202420253) in its widely used Unified Communications and Contact Center Solutions products [3]. Immediate attention is advised to safeguard affected devices.
Description
This flaw allows remote attackers to execute arbitrary code on affected devices by exploiting insecure processing of user-supplied data. The vulnerability can be triggered by sending a specially crafted message to a network communication port [4] [5]. If successfully exploited [3], the attacker could execute arbitrary commands on the underlying operating system and potentially gain root access [3] [5]. The security researcher Julien Egloff discovered and reported this vulnerability [3].
The affected products include Unified Communications Manager [3], Unified Communications Manager IM & Presence Service [3], Unified Communications Manager Session Management Edition [3], Unified Contact Center Express [3] [5], Unity Connection [3] [5], and Virtualized Voice Browser [3]. Cisco recommends setting up access control lists on intermediary devices to limit access until the patch can be applied.
So far [1] [4], there have been no reported instances of malicious exploitation of the vulnerability [2]. This disclosure comes after Cisco recently addressed another critical security flaw (CVE-202420272) in Unity Connection [3]. Additionally, Cisco has also patched medium severity vulnerabilities in Small Business Series Switches and Unity Connection [5].
Conclusion
Organizations are advised to apply security updates to address this vulnerability [6]. Cisco provides more details and guidance in a blog post. It is crucial to take immediate action to mitigate potential risks and ensure the security of affected devices.
References
[1] https://www.techradar.com/pro/security/major-vulnerability-found-in-cisco-software-could-allow-remote-attacker-to-launch-malware
[2] https://www.techtimes.com/articles/301048/20240126/severe-cisco-flaws-allow-threat-actors-remotely-attack-software-via.htm
[3] https://thehackernews.com/2024/01/critical-cisco-flaw-lets-hackers.html
[4] https://sg.news.yahoo.com/cisco-products-now-critical-security-155517603.html
[5] https://www.csoonline.com/article/1298782/cisco-patches-critical-vulnerability-in-unified-communications-products.html
[6] https://www.picussecurity.com/resource/blog/cve-2024-20253-cisco-unified-comms-remote-code-execution-vulnerability
