Cisco and VMware Release Critical Security Updates

Reading Time: ( Word Count: )

June 8, 2023
Nextdoorsec-course

Cisco and VMware release critical security updates. VMware has recently released security patches to address three vulnerabilities in Aria Operations for Networks, which could lead to data disclosure and remote code execution.

The most critical vulnerability among the three is a command injection flaw known as CVE-2023-20887, with a CVSS score of 9.8. A malicious actor with network access could remotely execute arbitrary code by exploiting this vulnerability.

VMware has also fixed another deserialization vulnerability, CVE-2023-20888, which received a CVSS score of 9.1 out of 10 on the scoring system.

According to VMware’s advisory, an attacker with network access to VMware Aria Operations for Networks and valid ‘member’ role credentials could perform a deserialization attack, resulting in remote code execution.

The third security issue is a high-severity information disclosure bug (CVE-2023-20889, CVSS score: 8.8). It allows an attacker with network access to perform a command injection attack and gain unauthorized access to sensitive data.

Also, Read: “Cybercriminals Leveraging CAPTCHA-Breaking Services with Human Solvers to Bypass Security Measures”

These three vulnerabilities affect version 6.x of VMware Aria Operations Networks. However, the company has addressed the issues in the following versions: 6.2, 6.3, 6.4, 6.5.1, 6.6, 6.7, 6.8, 6.9, and 6.10. There aren’t any known solutions to these vulnerabilities, which is unfortunate.

Similarly, Cisco has released fixes for a critical flaw in its Expressway Series and TelePresence Video Communication Server (VCS). This vulnerability (CVE-2023-20105, CVSS score: 9.6) allows an authenticated attacker with read-only Administrator-level credentials to elevate their privileges to Administrator with read-write credentials.

An attacker might change the passwords of any user on the network, even an administrator read-write user, using an authority cascade weakness resulting from improper handling of password change requests and then assuming that user’s identity. 

Moreover, another high-severity vulnerability (CVE-2023-20192, CVSS score: 8.4) affects the same product. In this case, an authenticated local attacker can execute commands and modify system configuration parameters.

Cisco advises blocking Command Line Interface (CLI) permission for read-only individuals as an interim remedy for CVE-2023-20192. Cisco has addressed both issues in versions 14.2.1 and 14.3.0 of VCS.

While there is no evidence of anyone exploiting these vulnerabilities, we strongly recommend promptly applying the patches to minimize potential risks.

These advisories come after discovering three security flaws in RenderDoc (CVE-2023-33863, CVE-2023-33864, and CVE-2023-33865), an open-source graphics debugger. These vulnerabilities could allow attackers to gain elevated privileges and execute arbitrary code.

Saher Mahmood

Saher Mahmood

Author

Saher is a cybersecurity researcher with a passion for innovative technology and AI. She explores the intersection of AI and cybersecurity to stay ahead of evolving threats.

Other interesting articles

Top Security Practices to Protect Your Data in Cloud Services

Top Security Practices to Protect Your Data in Cloud Services

Cloud services make storing and accessing your data simple and flexible, but they also bring new security ...
Boosting Efficiency With Law Firm IT Solutions: A Guide for Small Practices

Boosting Efficiency With Law Firm IT Solutions: A Guide for Small Practices

Small law firms often juggle multiple responsibilities with limited resources, making efficiency a top priority. ...
Automated vs Manual Penetration Testing

Automated vs Manual Penetration Testing

Pentesting is largely divided into two methodologies: Automated vs Manual Penetration Testing. Both have ...
0 Comments

Submit a Comment

Your email address will not be published. Required fields are marked *