Cisco has released patches for a critical security vulnerability (CVE-2023-20238) in its BroadWorks Application Delivery Platform and BroadWorks Xtended Services Platform [4] [6].

Description

This flaw allows a remote [7], unauthenticated attacker to forge credentials and gain unauthorized access to affected systems [2] [3] [6] [7]. The vulnerability is caused by the method used to validate single sign-on (SSO) tokens [2] [3] [7]. Exploiting this vulnerability can lead to toll fraud, execution of commands with the privileges of the forged account [2] [3] [6], reading sensitive data [1] [7], and modifying customer settings [2] [3] [7]. The impacted services include AuthenticationService [5], BWCallCenter [5], BWReceptionist [5], CustomMediaFilesRetrieval [5], ModeratorClientApp [5], PublicECLQuery [5], PublicReporting [5], UCAPI [5], Xsi-Actions [5], Xsi-Events [5], Xsi-MMTel [5], and Xsi-VTR [5].

Cisco recommends that users promptly upgrade to the recommended versions, such as AP.platform.23.0.1075.ap385341 for users of the 23.0 version and Ap.platform.2023.061.333 or 2023.071.332 for users of the RI edition. It is important to note that no active misuse of this vulnerability has been reported yet, but it is crucial for users to take immediate action to mitigate this security risk. The vulnerability has a CVSS base score of 10.0 and there are no workarounds available.

Conclusion

Users should be aware of the potential impacts of this vulnerability, including toll fraud [1], unauthorized access [2] [3] [6], and data breaches. To mitigate this risk, it is essential to promptly upgrade to the recommended versions provided by Cisco. Although no active misuse has been reported, immediate action is necessary to prevent any potential exploitation. It is important to note that there are no workarounds available for this vulnerability.

References

[1] https://www.darkreading.com/vulnerabilities-threats/critical-security-bug-cisco-broadworks-complete-takeover
[2] https://prophaze.com/cve/cve-2023-20238/
[3] https://www.systemtek.co.uk/2023/09/cisco-broadworks-application-delivery-platform-and-xtended-services-platform-authentication-bypass-vulnerability-cve-2023-20238/
[4] https://itsecuritywire.com/quick-bytes/cisco-announces-patches-critical-vulnerability-in-broadworks-platform/
[5] https://www.techzine.eu/news/security/111071/cisco-broadworks-platform-hit-by-serious-vulnerability/
[6] https://www.threatshub.org/blog/cisco-patches-critical-vulnerability-in-broadworks-platform/
[7] https://gbhackers.com/cisco-broadworks-flaw/