Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems Duplicate 1 Duplicate 1

  • 20 Feb 2024
  • News Code: 1670265
  • 2898

Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems Duplicate 1 Duplicate 1

Cisco has released patches to address a critical security flaw impacting Unified Communications and Contact Center Solutions products that could permit an unauthenticated, remote attacker to execute arbitrary code on an affected device.

Tracked as CVE-2024-20253 (CVSS score: 9.9), the issue stems from improper processing of user-provided data that a threat actor could abuse to send a specially crafted message to a listening port of a susceptible appliance.

"A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user," Cisco said in an advisory. "With access to the underlying operating system, the attacker could also establish root access on the affected device."....

References:

https://thehackernews.com/2024/01/critical-cisco-flaw-lets-hackers.html

خبرهای مرتبط

There are no results.