CarderPlanet
Root access on any device could be obtained in two clicks. Did hackers have time to take advantage of the chance?
Cisco has released security updates to address a vulnerability in the Cisco Emergency Responder (CER) that allowed attackers to log in to non-updated systems using hard-coded credentials.
CER helps organizations respond effectively to emergencies by enabling accurate tracking of the location of IP phones, allowing you to redirect emergency calls to appropriate public safety response points.
The vulnerability, registered under the identifier CVE-2023-20101, allows unauthorized attackers to gain access to the target device using a root account with permanent credentials that could not be changed.
The company explained in its security advisory: "This vulnerability is caused by the presence of static user credentials for the root account, which are usually reserved for use during development. Successful exploitation allows an attacker to log in and execute arbitrary commands as the root user."
The company says that the critical vulnerability affects only Cisco Emergency Responder version 12.5(1)SU4. All users of this version of CER should upgrade to 12.5(1)SU5 or a more recent version, if available, as soon as possible.
A vulnerability related to hard-coded credentials was discovered during internal security testing. The Cisco Product Security Incident Response Team found no information about public disclosures or malicious exploitation of this vulnerability.
Unfortunately, there are no workarounds that mitigate this vulnerability, so administrators are advised to update the affected installations as soon as possible.
It is noteworthy that last week Cisco urged its customers to patch the zero-day vulnerability tracked as CVE-2023-20109, which affects its proprietary IOS and IOS XE software.
And in early September, the company warned users about another zero-day vulnerability, tracked as CVE-2023-20269, in its Cisco ASA and Cisco FTD devices. That vulnerability was actively exploited by ransomware gangs to break into corporate networks.
Thus, the last month has not been very successful for Cisco, because new vulnerabilities are constantly emerging from everywhere. Nevertheless, the company quickly "patches holes" and provides the necessary support to its users in a timely manner.
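An inventory triage for the version guidance above, added here as an example and not code from Cisco or from the original post. The affected and fixed releases come from the article; the hostnames, sample version strings and status labels are assumptions made for the example.

```python
import re

# Releases named in the article: the only affected one and the first fixed one.
AFFECTED = (12, 5, 1, 4)      # 12.5(1)SU4
FIRST_FIXED = (12, 5, 1, 5)   # 12.5(1)SU5

# Release string of the form major.minor(maintenance) with an optional SU number.
# Whitespace and case are tolerated because inventories often carry "12.5 (1)su4".
_VERSION_RE = re.compile(
    r"^\s*(\d+)\.(\d+)\s*\(\s*(\d+)\s*\)\s*(?:SU\s*(\d+))?\s*$", re.IGNORECASE
)

def parse_cer_version(text):
    """Return (major, minor, maintenance, su), or None if the string does not parse."""
    m = _VERSION_RE.match(text)
    if not m:
        return None
    major, minor, maint, su = m.groups()
    return (int(major), int(minor), int(maint), int(su or 0))

def triage(version_text):
    """Classify one reported CER version against CVE-2023-20101 (labels are hypothetical)."""
    v = parse_cer_version(version_text)
    if v is None:
        return "unknown"            # never treat an unparseable value as safe
    if v == AFFECTED:
        return "affected"
    if v >= FIRST_FIXED:
        return "at-or-after-fix"
    return "before-affected"        # older release; upgrading it to SU4 would expose it

def triage_inventory(rows):
    """rows: iterable of (hostname, version string) -> {hostname: status}."""
    return {host: triage(ver) for host, ver in rows}

# Constructed sample inventory: hostnames and versions are made up for the example.
SAMPLE = [
    ("cer-hq-01", "12.5(1)SU4"),
    ("cer-hq-02", "12.5 (1)su4"),
    ("cer-dr-01", "12.5(1)SU5"),
    ("cer-lab-01", "12.5(1)SU3"),
    ("cer-old-01", "n/a"),
]

if __name__ == "__main__":
    for host, status in triage_inventory(SAMPLE).items():
        print(f"{host:12} {status}")
```

Hosts reported as "unknown" need a manual version check rather than being assumed unaffected.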