Uncategorized Open debug mode in Cisco mobile networking software created critical security hole – The Daily Swig
Take a closer look at Iran’s state-sponsored hacking groups
Human error bugs increasingly making a splash, study indicates
Software supply chain attacks – everything you need to know
North Korean cyber-threat groups become top-tier adversaries
What’s in a (domain) name?
How expired web domains are helping criminal hacking campaigns
Bug Bounty Radar
The latest programs for January 2022
A schedule of events in 2021 and beyond
Patch issued after testing engineers uncover RCE threat
Cisco has patched a pair of vulnerabilities in its telco-focused Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS software, including a critical flaw that presented a remote code execution risk.
Cisco StarOS used in the provision of virtual mobile networks for large corporations and telecommunication service providers.
As its name suggests, RCM is a management technology that handles the failover between different virtualized systems involved in provisioning, billing, and other telecom services.
Multiple systems are run in parallel in order to offer reliability to mobile network systems.
In a security update released on Wednesday (January 19), the networking giant said the vulnerability it has resolved could allow an “unauthenticated, remote attacker to disclose sensitive information or execute arbitrary commands as the root user in the context of the configured container”.
The CVE-2022-20649 vulnerability stems from a failure to disable the debug mode that’s there to help out during the product development process.
“This vulnerability exists because the debug mode is incorrectly enabled for specific services,” Cisco explains. “An attacker could exploit this vulnerability by connecting to the device and navigating to the service with debug mode enabled.”
According to Cisco, the vulnerability only lends itself to exploitation by an authenticated attacker and would require reconnaissance – difficulties that mean what would otherwise be classified as a maximum severity flaw earns a CVSS rating of 9.0.
Another software update released by Cisco this week tackles a related but less severe vulnerability in RCM.
This security issue – tracked as CVE-2022-20648 – involves an information disclosure risk and arises because “because of a debug service that incorrectly listens to and accepts incoming connections”.
There are no workarounds to protect against attack in either case, and users are advised to apply Cisco’s software updates at their earliest convenience.
Both vulnerabilities were discovered by Cisco engineers during internal security testing.
A complete list of recent Cisco security advisories can be found in the company’s online security center.
YOU MAY ALSO LIKE White House tells agencies to raise the cybersecurity bar for national security systems
© 2022 PortSwigger Ltd.