January 11, 2024 at 09:21AM
Cisco announced patches for a critical vulnerability (CVE-2024-20272) in Unity Connection, enabling remote exploitation without authentication. Versions 12.5.1.19017-4 and 14.0.1.14006-5 resolve this. Additionally, a medium-severity flaw (CVE-2024-20287) in the WAP371 access point’s discontinued model has a released exploit code. Cisco advises migration to Business 240AC AP and announced patches for other medium-severity issues.
Based on the meeting notes, here are the key takeaways:
– Cisco announced patches for a critical-severity vulnerability in Unity Connection, tracked as CVE-2024-20272, allowing remote exploitation to upload arbitrary files, execute commands, and elevate privileges to root. Versions 12.5.1.19017-4 and 14.0.1.14006-5 of Unity Connection resolve the flaw.
– There are no workarounds available for this vulnerability, and it has not been exploited in the wild.
– Cisco also warned about a medium-severity security defect, tracked as CVE-2024-20287, in the discontinued WAP371 Wireless-AC/N dual radio access point, enabling command injections. Customers still using WAP371 are advised to migrate to the Cisco Business 240AC AP.
– Proof-of-concept exploit code is available for the WAP371 vulnerability, but there have been no observed malicious exploitations.
– Cisco also announced patches for multiple medium-severity flaws in TelePresence Management Suite, ThousandEyes Enterprise Agent, Evolved Programmable Network Manager (EPNM), Prime Infrastructure, BroadWorks platform, and Identity Services Engine (ISE).
For additional information, refer to Cisco’s security advisories page.