June 8, 2023, updated 09 Jun 2023 9:07am

VMware and Cisco vulnerabilities lead to a flurry of patches and workarounds

Apply patches urgently, tech vendors declare as flaws in their software are uncovered.

By Claudia Glover

Several critical vulnerabilities unearthed in Cisco and VMware systems could hand over dangerous amounts of power to cybercriminals if left unaddressed. Both companies have released patches and updates and are urging their customers to implement them as a matter of urgency.

VMware and Cisco release patches to a flurry of vulnerabilities. (Photo by possohh/Shutterstock)

Between them, the companies have released fixes to a total of five bugs, three of which have a critical CVSS score of nine or higher.

VMware and Cisco release patches to vulnerabilities

Three vulnerabilities in Aria Operations for VMware networks have been disclosed to the company by the zero-day team at security vendor Trend Micro, two of which achieved a CVSS severity score between nine and ten.

The first, CVE-2023-20887, scores 9.8 and allows cybercriminals to perform a “command injection attack” that can then result in remote code execution. This essentially means that anyone who exploits this bug can run their own commands, allowing them to gain a foothold within a network to begin accruing data for an attack.

Meanwhile, CVE-2023-20888 has a severity rating of 9.1 and gives a hacker the ability to perform a “deserialisation attack”, provided they have access to company credentials. A deserialisation attack will force a network to consume untrusted serialised data without ensuring its validity, which will allow for attacks like remote code execution and privilege escalation.

The third and final VMware flaw, CVE-2023-20889, has a rating of 8.8 and could allow a cyber offender to perform a command injection attack which, when operated properly, will relinquish sensitive data into the hands of the attacker.

VMware has now released patches for all the above vulnerabilities that can be accessed here.


Cisco Expressway flaws revealed

The announcement comes as networking hardware giant Cisco discloses two vulnerabilities of its own, with the requisite workarounds and patches.

A bug in its Cisco Expressway Series and Cisco Telepresence Video Communication Server (VCS), called CVE-2023-20105 with a rating of 9.6, could allow an authenticated, remote attacker with administrator-level credentials to elevate their privileges on an affected system. “A successful exploit could allow the attacker to alter the passwords of any user” in the network, states a report by the company.

The second flaw, CVE-2023-20192 with a rating of 8.4, is a vulnerability in the privilege management functionality in the same series, which could allow the attacker to execute commands beyond the sphere of their intended access level, including modifying system configuration parameters, provided they have the initial credentials to initiate the attack.

Workarounds to both vulnerabilities are available here.

These vulnerabilities come just months after the company announced that Russian state-sponsored hackers APT28 were exploiting Cisco routers on a massive scale. The cybergang, also known as Fancy Bear, was using malware called Jaguar Tooth to infiltrate vulnerable servers.

This should serve as a reminder for users to keep their patches up to date, says a report by security company Malwarebytes: “Cisco published workarounds and updates for this vulnerability in June of 2017,” it says. “Nevertheless, the advisory says that the mentioned tactics, techniques, and procedures may still be being used against vulnerable Cisco devices.”
