Cisco Security Updates:  Cisco Fixes Windows DLL Hijacking, Remote Code Execution, Authorization Bypass Vulnerabilities

Cisco has recently reinforced and released security updates to address severe vulnerabilities in several Cisco products like high-risk Webex Teams, video monitoring cameras, Identity Services Engine (ISE), etc.

These could allow a remote attacker to exploit some of these vulnerabilities through which an attacker can also take proper control of an affected device or administer arbitrary code on the affected systems.

Vulnerabilities detected and fixed

According to the Cisco report, The vulnerabilities that are detected and got fixed are mentioned below:-

  • Cisco Webex Teams Client for Windows DLL Hijacking Vulnerability (High)
  • Cisco Identity Services Engine Authorization Bypass Vulnerability ( High)
  • Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial of Service Vulnerability (High)
  • Cisco StarOS Privilege Escalation Vulnerability (Medium)
  • Cisco SD-WAN vManage Cross-Site Scripting Vulnerability (Medium)
  • Cisco Nexus Data Broker Software Path Traversal Vulnerability (Medium) 
  • Cisco Identity Services Engine Cross-Site Scripting Vulnerability (Medium)
  • Cisco Industrial Network Director Denial of Service Vulnerability (Medium)

Cisco Identity Services Engine Authorization Bypass Vulnerability

This vulnerability attacks the Cisco Webex Teams for Windows releases 3.0.13464.0 by 3.0.16040.0, and it was identified as CVE-2020-3535. However, there are no workarounds available that discuss this vulnerability. While Cisco has published free software updates that inscribe the vulnerability that has been described in the advisory.

Moreover, the users may only install and anticipate the support for software versions and traits a set, for which they have acquired a license. So, by installing, downloading, obtaining, or simply by using such software upgrades, users can easily agree to comprehend the terms of the Cisco software license.

Cisco Identity Services Engine Authorization Bypass Vulnerability

This vulnerability attacks the vulnerable releases of the Cisco ISE, and this bug was identified as CVE-2020-3467. Currently, there are no workarounds are available that could inscribe this vulnerability. However, Cisco has published free software updates that discuss the vulnerability that has been described in the advisory. 

Moreover, the users may only install and demand support for software versions and feature collections to obtain a license. So, by installing, downloading, accepting, or using such software upgrades, the users can quickly agree to observe the terms of the Cisco software license.

Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial of Service Vulnerability 

This vulnerability attacks the Cisco Video Surveillance 8000 Series IP Cameras if they are operating a firmware release earlier than Release 1.0.9-5 and have the Cisco Discovery Protocol approved. This bug was identified as CVE-2020-3544, and currently, there are no workarounds available that discuss this vulnerability. 

While Cisco has published free software updates that address the vulnerability outlined in the advisory. Here, the users may only install and demand support for the software versions and feature sets, for which they have acquired a license.

Apart from this, Cisco has also fixed 11 Medium rated vulnerabilities for StarOS, SD-WAN, Nexus Data Broker, Firepower, and various other network products, and here are a few of them.

Cisco StarOS Privilege Escalation Vulnerability

This bug was identified as CVE-2020-3602, and it is a vulnerability that was found in the CLI of Cisco StarOS for Cisco ASR 5000 Series Routers that could enable an authenticated, local attacker to upgrade privileges on an affected device.

Cisco SD-WAN vManage Cross-Site Scripting Vulnerability

This bug was identified as CVE-2020-3536, and it’s a vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software that could enable a remote attacker to convoy a cross-site scripting (XSS) attack upon a user of the interface.

Cisco Nexus Data Broker Software Path Traversal Vulnerability

This bug was identified as CVE-2020-3597, and it is a vulnerability in the configuration repair feature of Cisco Nexus Data Broker software that could enable an unauthenticated remote threat actor to make a directory traversal attack on an attacked device.

Cisco Identity Services Engine Cross-Site Scripting Vulnerability

This bug was identified as CVE-2020-3589, and it is a vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) software that could enable an authenticated, remote attacker with administrative credentials to convey cross-site scripting (XSS) attack on user of the interface.

Cisco Industrial Network Director Denial of Service Vulnerability

This flaw was identified as CVE-2020-3567, and it’s a vulnerability that was detected in the management REST API of Cisco Industrial Network Director (IND). This flaw could allow a remote attacker to utilize the 100 percent resources of CPU, which will end-up appearing as a denial of service (DoS) condition on an affected device.

Cisco asserted that a threat actor would require read-only administrator access to overwork this vulnerability. However, a strong exploit could enable an attacker to transform the parts of the configuration.

Leave a Reply