January 10, 2024 at 03:46PM
Cisco has addressed a critical security flaw in Unity Connection, preventing unauthenticated attackers from gaining root privileges remotely. The vulnerability (CVE-2024-20272) allows execution of commands on the operating system by uploading arbitrary files. Additionally, Cisco patched ten medium-severity vulnerabilities in various products, including a command injection flaw in the WAP371 Wireless Access Point.
Based on the meeting notes, the key takeaways are:
1. Cisco has patched a critical security flaw in Unity Connection, which could allow unauthenticated attackers to remotely gain root privileges on unpatched devices. The vulnerability (CVE-2024-20272) was found in the software’s web-based management interface.
2. Cisco’s Product Security Incident Response Team (PSIRT) has no evidence of public proof of concept exploits for the vulnerability or active exploitation in the wild.
3. Cisco has released patch updates for various products, including Unity Connection and WAP371 Wireless Access Point, to address security vulnerabilities.
4. Although proof-of-concept exploit code is available online for a command injection flaw (CVE-2024-20287) in the web-based management interface of Cisco’s WAP371, Cisco will not release firmware updates to patch the security flaw as the device reached end-of-life status in June 2019. Customers with WAP371 devices are advised to migrate to the Cisco Business 240AC Access Point.
5. In October, Cisco also patched two zero-day vulnerabilities (CVE-2023-20198 and CVE-2023-20273) that had been exploited to hack over 50,000 IOS XE devices within a single week.
Let me know if you need any further information or assistance.