Cisco Duo Device Health App Flaw

The CryptoService function in the Cisco Duo Device Health Application for Windows has a vulnerability tracked as (CVE-2023-20229).

This might allow a low-privileged attacker to carry out directory traversal attacks and overwrite arbitrary files on a susceptible device.

Directory traversal, also known as Path traversal, is a type of HTTP attack that enables attackers to access restricted directories and run commands outside of the web server’s root directory.

An attacker just requires a web browser and some knowledge of where to look for any default files and directories on the system to conduct a directory traversal attack.

Cisco has issued software upgrades to address this vulnerability. There are no workarounds for this issue.

Details of the Vulnerability

The vulnerability tagged as (CVE-2023-20229) with a CVSS score of 7.1 with high severity range is caused due to insufficient input validation.

“An attacker could exploit this vulnerability by executing a directory traversal attack on an affected host,” Cisco said in its security advisory.

Upon successful exploitation, an attacker may be able to overwrite arbitrary files with SYSTEM-level privileges using a cryptographic key, causing a DoS issue or data loss on the impacted system.

Affected Products

The Cisco Duo Device Health Application for Windows is impacted. Cisco also confirms that this vulnerability does not impact Cisco Duo Device Health Application for macOS.

Fixes Available

Cisco has issued free software upgrades available to fix the problem.

Customers are encouraged to upgrade to an applicable fixed software release as soon as possible to remain secure.

Keep informed about the latest Cyber Security News by following us on GoogleNewsLinkedinTwitter, and Facebook.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.