Cisco and VMware have released security updates to address critical security flaws in their products that could be exploited by malicious actors to execute arbitrary code on affected systems.
The most serious of the vulnerabilities is a command injection flaw in Cisco Industrial Network Director (CVE-2023-20036, CVSS Score: 9.9), which resides in the Web UI component and occurs as result of incorrect input validation when loading a device package. .
“A successful exploit could allow an attacker to execute arbitrary commands as NT AUTHORITYSYSTEM on the underlying operating system of an affected device,” Cisco said in an advisory published on April 19, 2023.
The larger networking team also resolved a medium-severity file permissions vulnerability in the same product (CVE-2023-20039, CVSS Score: 5.5) that an authenticated local attacker could exploit to view sensitive information.
Patches have been made available in version 1.11.3, with Cisco crediting an unnamed “external” researcher for reporting both issues.
Cisco has also fixed another critical flaw in the external authentication mechanism of the Modeling Labs network simulation platform. Tracked as CVE-2023-20154 (CVSS Score: 9.1), the vulnerability could allow an unauthenticated remote attacker to access the web interface with administrative privileges.
“To exploit this vulnerability, an attacker would need valid user credentials that are stored on the associated external authentication server,” the company noted.
“If the LDAP server is configured to respond to search queries with a non-empty array of matching entries (responses containing search result reference entries), this authentication bypass vulnerability can be exploited.”
While there are workarounds that plug the security hole, Cisco cautions customers to test the effectiveness of these fixes in their own environments before administering them. The deficiency has been fixed with the release of version 2.5.1.
VMware ships updates for Aria Operations for Logs
VMware, in an advisory published on April 20, 2023, warned of a critical deserialization flaw affecting multiple versions of Aria Operations for Logs (CVE-2023-20864, CVSS Score: 9.8).
Learn how to stop ransomware with real-time protection
Join our webinar and learn how to stop ransomware attacks with real-time MFA and service account protection.
Save my seat!
“An unauthenticated malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root,” the virtualization service provider said.
VMware Aria Operations for Logs 8.12 addresses this vulnerability along with a high-severity command injection bug (CVE-2023-20865, CVSS Score: 7.2) that could allow an attacker with administrative privileges to execute arbitrary commands such as to root.
“CVE-2023-20864 is a critical issue and should be fixed immediately,” the company said. “It should be noted that only version 8.10.2 is affected by this vulnerability.”
The alert comes nearly three months after VMware linked two critical issues in the same product (CVE-2022-31704 and CVE-2022-31706, CVSS scores: 9.8) that could lead to remote code execution.
Because Cisco and VMware devices are lucrative targets for threat actors, users are encouraged to move quickly to apply updates to mitigate potential threats.
Source link
Cisco and VMware have both released security updates to patch critical vulnerabilities found in their products. Both companies are committed to providing a secure environment for their customers and take every possible precaution to ensure that their customers data remains safe.
Ikaroa, a full stack tech company, offers a variety of services to help businesses navigate the modern cyber security landscape. As the new market for cyber security services continues to grow, companies need to make sure that their information is secure.
Cisco and VMware’s recent security updates are reflective of this need, and their patching of their products with the latest security protocols is a great demonstration of the companies’ commitment to cyber security.
Ikaroa offers services ranging from professional security consulting to automated patching and vulnerability testing. We assist businesses with keeping their data secure and work closely with both Cisco and VMware products to make sure they are properly protected.
With the release of the security updates, businesses should be aware of the potential vulnerabilities that may exist in their products and make sure to stay up-to-date with any security patches that may come out. With Ikaroa’s tools and expertise, businesses can be assured that their data is safe and secure.
