Several critical vulnerabilities unearthed in Cisco and VMware systems could hand over dangerous amounts of power to cybercriminals if left unaddressed. Both companies have released patches and updates and are urging their customers to implement them as a matter of urgency.
Between them, the companies have released fixes for a total of five bugs, three of which have a critical CVSS score of nine or higher.
VMware and Cisco release patches for vulnerabilities
Three vulnerabilities in Aria Operations for VMware networks have been disclosed to the company by the zero-day team at security vendor Trend Micro, two of which achieved a CVSS severity score between nine and ten.
The first, CVE-2023-20887, scoring 9.8, allows cybercriminals to perform a “command injection attack” that can then result in remote code execution. This essentially means that anyone who exploits this bug can run their own commands, allowing them to gain a foothold within a network to begin accruing data for an attack.
Meanwhile, CVE-2023-20888 has a severity rating of 9.1 and gives a hacker the ability to perform a “deserialisation attack”, provided they have access to company credentials. A deserialisation attack forces a system to consume untrusted serialised data without ensuring its validity, which allows for attacks like remote code execution and privilege escalation.
The third and final VMware flaw, CVE-2023-20889, has a rating of 8.8 and could allow a cyber offender to perform a command injection attack which, when operated properly, will relinquish sensitive data into the hands of the attacker.
VMware has now released patches for all the above vulnerabilities that can be accessed here.
Cisco Expressway flaws revealed
The announcement comes as networking hardware giant Cisco discloses two vulnerabilities of its own, with the requisite workarounds and patches.
A bug in its Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS), tracked as CVE-2023-20105 with a rating of 9.6, could allow an authenticated, remote attacker with administrator-level credentials to elevate their privileges on an affected system. “A successful exploit could allow the attacker to alter the passwords of any user” in the network, states a report by the company.
The second flaw, CVE-2023-20192, with a rating of 8.4, is a vulnerability in the privilege management functionality in the same series. It could allow the attacker to execute commands beyond the sphere of their intended access level, including modifying system configuration parameters, provided they have the initial credentials to initiate the attack.
Workarounds to both vulnerabilities are available here.
These vulnerabilities come just months after the company announced that Russian state-sponsored hackers APT28 were exploiting Cisco routers on a massive scale. The cybergang, also known as Fancy Bear, was using malware called Jaguar Tooth to infiltrate vulnerable servers.
This should serve as a reminder for users to keep their patches up to date, says a report by security company Malwarebytes: “Cisco published workarounds and updates for this vulnerability in June of 2017,” it says. “Nevertheless, the advisory says that the mentioned tactics, techniques, and procedures may still be being used against vulnerable Cisco devices.”