In its latest security advisory, Cisco announced a fix for a security flaw in Redundancy Configuration Manager (RCM) for Cisco StarOS. Tracked as CVE-2022-20649, successful exploitation allows unauthenticated attackers to achieve remote code execution (RCE) with root privileges on the target system.
Cisco notes that the vulnerability exists because debug mode was incorrectly enabled for a specific service. A threat actor could exploit the flaw by connecting to the affected device and reaching the service on which debug mode is enabled, then executing code. To reach devices running the outdated software, attackers would first have to perform detailed reconnaissance of the vulnerable networks.
The good news is that Cisco's security teams state that no malicious exploitation of this flaw has been detected, although they recommend updating as soon as possible.
Cisco also addressed an information disclosure vulnerability in Cisco RCM for Cisco StarOS, tracked as CVE-2022-20648, which exists because a debugging service incorrectly listens for and accepts incoming connections.
This second flaw could be exploited by remote threat actors who execute debugging commands; a successful attack would give them access to the victim's confidential information. Cisco released RCM for StarOS 21.25.4, which includes the patches required to address both flaws.
A few months ago, Cisco fixed several flaws that would have allowed malicious hackers to execute code and commands remotely with root privileges. One of these flaws, patched in May, resided in SD-WAN vManage, and its exploitation allowed threat actors to obtain root privileges on the underlying operating system. No cases of active exploitation related to these flaws were detected, although Cisco maintained extensive outreach campaigns on the availability of the patches.