Cisco and VMware release critical security updates. VMware has recently released security patches to address three vulnerabilities in Aria Operations for Networks, which could lead to data disclosure and remote code execution.
The most critical vulnerability among the three is a command injection flaw known as CVE-2023-20887, with a CVSS score of 9.8. A malicious actor with network access could remotely execute arbitrary code by exploiting this vulnerability.
According to VMware’s advisory, an attacker with network access to VMware Aria Operations for Networks and valid ‘member’ role credentials could perform a deserialization attack, resulting in remote code execution.
The third security issue is a high-severity information disclosure bug (CVE-2023-20889, CVSS score: 8.8). It allows an attacker with network access to perform a command injection attack and gain unauthorized access to sensitive data.
These three vulnerabilities affect version 6.x of VMware Aria Operations Networks. However, the company has addressed the issues in the following versions: 6.2, 6.3, 6.4, 6.5.1, 6.6, 6.7, 6.8, 6.9, and 6.10. There aren’t any known solutions to these vulnerabilities, which is unfortunate.
Similarly, Cisco has released fixes for a critical flaw in its Expressway Series and TelePresence Video Communication Server (VCS). This vulnerability (CVE-2023-20105, CVSS score: 9.6) allows an authenticated attacker with read-only Administrator-level credentials to elevate their privileges to Administrator with read-write credentials.
An attacker might change the passwords of any user on the network, even an administrator read-write user, using an authority cascade weakness resulting from improper handling of password change requests and then assuming that user’s identity.
Moreover, another high-severity vulnerability (CVE-2023-20192, CVSS score: 8.4) affects the same product. In this case, an authenticated local attacker can execute commands and modify system configuration parameters.
Cisco advises blocking Command Line Interface (CLI) permission for read-only individuals as an interim remedy for CVE-2023-20192. Cisco has addressed both issues in versions 14.2.1 and 14.3.0 of VCS.
While there is no evidence of anyone exploiting these vulnerabilities, we strongly recommend promptly applying the patches to minimize potential risks.
These advisories come after discovering three security flaws in RenderDoc (CVE-2023-33863, CVE-2023-33864, and CVE-2023-33865), an open-source graphics debugger. These vulnerabilities could allow attackers to gain elevated privileges and execute arbitrary code.