Brother
Cisco urges users to take urgent security measures.
Cisco has released updates to address a critical vulnerability affecting Unified Communications and Contact Center products that could allow an unauthenticated remote attacker to execute arbitrary code on the target device.
Tracked as CVE-2024-20253 (CVSS score: 9.9), the problem stems from improper processing of user-supplied data, which an attacker can abuse by sending a specially crafted message to a listening port on a vulnerable device.
A successful exploit allows the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user. With that access to the underlying operating system, the attacker can also escalate to root on the affected device.
The discovery and reporting of the flaw is credited to Synacktiv security researcher Julien Egloff. The flaw affects the following products:
- Unified Communications Manager (versions 11.5, 12.5(1) and 14);
- Unified Communications Manager IM & Presence Service (versions 11.5(1), 12.5(1) and 14);
- Unified Communications Manager Session Management Edition (versions 11.5, 12.5(1) and 14);
- Unified Contact Center Express (versions 12.0 and earlier, and 12.5(1));
- Unity Connection (versions 11.5(1), 12.5(1) and 14);
- Virtualized Voice Browser (versions 12.0 and earlier, 12.5(1) and 12.5(2)).
While there are no workarounds, Cisco encourages users to configure access control lists to restrict access where immediate updates cannot be applied. Cisco recommends creating access control lists (ACLs) on intermediate devices that separate the Cisco Unified Communications or Cisco Contact Center Solutions cluster from users and the rest of the network to allow access only to the ports of the deployed services.
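As an added illustration of the interim mitigation described above (example configuration written for this post, not taken from Cisco's advisory), here is what such an ACL can look like on a Cisco IOS router or Layer 3 switch sitting between the user segment and the UC cluster. The cluster address (192.0.2.10), the management subnet (10.0.100.0/24), the interface name and the two service ports (8443/tcp, 5060/udp) are all placeholders; the actual port list must come from your own deployment documentation.

```cisco
! Added example, not from the advisory. All addresses, ports and the
! interface name are placeholders to be replaced with your own values.
ip access-list extended UC-CLUSTER-INGRESS
 remark Assumed admin subnet that legitimately needs full reachability
 permit ip 10.0.100.0 0.0.0.255 host 192.0.2.10
 remark Placeholder service ports; list only what the deployed services use
 permit tcp any host 192.0.2.10 eq 8443
 permit udp any host 192.0.2.10 eq 5060
 remark Block and log everything else destined for the cluster
 deny ip any host 192.0.2.10 log
 remark Leave unrelated traffic untouched
 permit ip any any
!
interface GigabitEthernet0/1
 description User-facing interface (placeholder name)
 ip access-group UC-CLUSTER-INGRESS in
```

The ACL is applied inbound on the interface that faces users, so only traffic heading toward the cluster is filtered and the rest of the network is unaffected. The logged `deny` line makes blocked connection attempts visible in syslog, and `show access-lists UC-CLUSTER-INGRESS` shows per-entry hit counters so you can confirm the filter is actually in the path before relying on it. This limits exposure only until the fixed software is installed; it is not a substitute for the update.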