Attention network admins: root vulnerability threatens Cisco StarOS

Admins who use Cisco hardware and software in company networks and data centers should bring the systems up to date. Otherwise, in the worst case, attackers could execute malicious code with root privileges.

Two vulnerabilities (CVE-2022-20648 "medium", CVE-2022-20649 "critical") threaten Redundancy Configuration Manager (RCM) for StarOS. The software is used, among other things, in the ASR 5500 platform for operating mobile phone networks.

As described in an alert, remote attackers could target a debug mode that is incorrectly enabled for certain services, without authentication. If that works, they could execute malicious code with root privileges in the context of a configured container. RCM for StarOS 21.25.4 is said to be secured against this.

Local attackers could exploit a vulnerability (CVE-2022-20655 "high") in ConfD, the framework for developing IT management solutions, to inject and execute their own commands. According to Cisco, however, they must be logged on to the system. The developers list the repaired issues in an article.

Furthermore, attackers could target various Cisco products via vulnerabilities in the CLI (CVE-2022-20655 "high") and Snort Modbus (CVE-2022-20685 "high") and trigger DoS states. The Webex meeting software can be attacked through a vulnerability (CVE-2022-20654 "medium") in its interface, which can be reached via the Internet.

List sorted by threat level in descending order:

