Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could allow an authenticated remote attacker to achieve remote code execution on affected systems.
The medium-severity vulnerability is tracked as CVE-2023-20109 and has a CVSS score of 6.6. It impacts all versions of the software that have the GDOI or G-IKEv2 protocol enabled.
The company said the shortcoming “could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash.”
It further noted that the issue is the result of insufficient validation of attributes in the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols of the GET VPN feature, and that it could be weaponized by either compromising an installed key server or modifying the configuration of a group member to point to a key server that is controlled by the attacker.
The vulnerability is said to have been discovered following an internal investigation and source code audit initiated after an “attempted exploitation of the GET VPN feature.”
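Because one route to exploitation is a group member whose configuration has been changed to point at an unexpected key server, a useful defensive check is to audit saved configurations for GET VPN groups and compare their key servers against an allowlist. The following is an added example, not code from the article or from Cisco; it assumes the usual IOS GET VPN configuration syntax (`crypto gdoi group` / `crypto gkm group`, `server address ipv4`, `server local`), and the sample config and allowlist are constructed.

```python
import re

# Constructed sample running-config of a group member (not from a real device).
SAMPLE_CONFIG = """\
crypto gdoi group GETVPN-CORP
 identity number 1234
 server address ipv4 10.0.0.10
 server address ipv4 203.0.113.77
!
crypto gkm group GETVPN-V2
 identity number 5678
 server address ipv4 10.0.0.11
 client protocol gikev2 IKEV2-PROFILE
!
interface GigabitEthernet0/0
 ip address 192.0.2.1 255.255.255.0
"""

# Assumed allowlist: key servers the organization actually operates.
APPROVED_KEY_SERVERS = {"10.0.0.10", "10.0.0.11"}
GROUP_RE = re.compile(r"^crypto (gdoi|gkm) group (\S+)\s*$")
SERVER_RE = re.compile(r"^\s+server address ipv4 (\S+)")

def audit_get_vpn(config_text, approved):
    """Map each GET VPN group to its key servers and any not on the allowlist."""
    groups, current = {}, None
    for line in config_text.splitlines():
        m = GROUP_RE.match(line)
        if m:  # start of a GDOI or G-IKEv2 (gkm) group block
            current = groups.setdefault(m.group(2), {
                "keyword": m.group(1), "servers": [], "unapproved": [], "local_ks": False})
            continue
        if not line.startswith(" "):  # any unindented line ends the block
            current = None
        if current is None:
            continue
        s = SERVER_RE.match(line)
        if s:
            current["servers"].append(s.group(1))
            if s.group(1) not in approved:
                current["unapproved"].append(s.group(1))
        elif line.strip() == "server local":  # this device is itself a key server
            current["local_ks"] = True
    return groups

if __name__ == "__main__":
    for name, info in audit_get_vpn(SAMPLE_CONFIG, APPROVED_KEY_SERVERS).items():
        print(name, info["keyword"], info["servers"],
              "REVIEW" if info["unapproved"] else "ok", info["unapproved"])
```

An empty result means no GET VPN group is configured in the file; any group flagged `REVIEW` lists a key server address that should be verified against change records.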
The disclosure comes as Cisco detailed a set of five flaws in Catalyst SD-WAN Manager (versions 20.3 to 20.12) that could allow an attacker to access an affected instance or cause a denial-of-service (DoS) condition on an affected system:
- CVE-2023-20252 (CVSS score: 9.8) – Unauthorized Access Vulnerability
- CVE-2023-20253 (CVSS score: 8.4) – Unauthorized Configuration Rollback Vulnerability
- CVE-2023-20034 (CVSS score: 7.5) – Information Disclosure Vulnerability
- CVE-2023-20254 (CVSS score: 7.2) – Authorization Bypass Vulnerability
- CVE-2023-20262 (CVSS score: 5.3) – Denial-of-Service Vulnerability
Successful exploitation of the bugs could allow the threat actor to gain unauthorized access to the application as an arbitrary user, bypass authorization and roll back controller configurations, access the Elasticsearch database of an affected system, access another tenant managed by the same instance, and cause a crash.
Customers are advised to upgrade to a fixed software release to remediate the vulnerabilities.
Some parts of this article are sourced from:
thehackernews.com