Cisco says critical Unity Connection bug lets attackers get root

Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched devices.
Unity Connection is a fully virtualized messaging and voicemail solution for email inboxes, web browsers, Cisco Jabber, Cisco Unified IP Phone, smartphones, or tablets with high availability and redundancy support.
The vulnerability was found in the software's web-based management interface, and it allows attackers to execute commands on the underlying operating system by uploading arbitrary files to targeted and vulnerable systems.
Luckily, Cisco's Product Security Incident Response Team said the company has no evidence of public proof of concept exploits for this vulnerability or active exploitation in the wild.
Today, Cisco also patched ten medium-severity security vulnerabilities in multiple products, allowing attackers to escalate privileges, launch cross-site scripting attacks, inject commands, and more.
The company says that proof-of-concept exploit code is available online for one of these flaws, a command injection vulnerability tracked as CVE-2024-20287 in the web-based management interface of Cisco's WAP371 Wireless Access Point.
Although attackers could exploit this bug to execute arbitrary commands with root privileges on unpatched devices, administrative credentials are also required for successful exploitation.
Cisco says it will not release firmware updates to patch the CVE-2024-20287 security flaw because the Cisco WAP371 device reached end-of-life in June 2019.
The company advises customers with a WAP371 device on their network to migrate to the Cisco Business 240AC Access Point.
In October, Cisco also patched two zero-days exploited to hack over 50,000 IOS XE devices within a single week.
Ivanti warns of Connect Secure zero-days exploited in attacks.
Apache OFBiz RCE flaw exploited to find vulnerable Confluence servers.
Prep for Cisco CCNA & CCNP certifications with this $35 bundle deal.
Zyxel warns of multiple critical vulnerabilities in NAS devices.
Over 40,000 Cisco IOS XE devices infected with backdoor using zero-day.


This Cyber News was published on www.bleepingcomputer.com. Publication date: Wed, 10 Jan 2024 20:45:03 +0000


Cyber News related to Cisco says critical Unity Connection bug lets attackers get root

Cisco says critical Unity Connection bug lets attackers get root - Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched devices. Unity Connection is a fully virtualized messaging and voicemail solution for email inboxes, web ...
10 months ago Bleepingcomputer.com
Critical Cisco Unity Connection flaw gives attackers root privileges. Patch now! - Cisco has fixed a critical vulnerability in Cisco Unity Connection that could allow an unauthenticated attacker to upload arbitrary files and gain root privilege on the affected system. Cisco Unity Connection is a unified messaging and voicemail ...
10 months ago Helpnetsecurity.com
Critical Cisco Unity Connection Flaw Let Attackers Run Command - A critical vulnerability of severe severity has been found in Cisco Unity Connection's web-based management interface. This flaw might allow a remote, unauthenticated attacker to upload arbitrary files to a compromised system and run commands on the ...
10 months ago Cybersecuritynews.com
New Linux glibc flaw lets attackers get root on major distros - Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local privilege escalation vulnerability in the GNU C Library. Tracked as CVE-2023-6246, this security flaw was ...
9 months ago Bleepingcomputer.com
What's Coming to Cisco Live Europe 2024 for the Data Center Developer? - In just a week or so, Cisco Live EMEA, 2024 will be ready to sizzle at the RAI Amsterdam. From a Cisco Cloud Networking standpoint, Cisco Nexus Dashboard, Cisco ACI, and Nexus 9000 Series switches are showing up in a big way. Read on to learn what ...
9 months ago Feedpress.me
5 Tips for Pi Day Savings at the Cisco Learning Network Store - Save 25% on select training products from the Cisco Learning Network Store for 24 hours only. Two new multicloud training courses are now available in the Cisco Learning Network Store-and they're included in the Pi Day Sale. If you are an active ...
8 months ago Feedpress.me
Rootkit Turns Kubernetes from Orchestration to Subversion - As software development focuses on continuous integration and deployment, orchestration platforms like Kubernetes have taken off, but that popularity has put them in attackers' crosshairs. Most successful attacks - at least those publicly reported - ...
11 months ago Darkreading.com
Cisco Patches Critical Vulnerability in Unity Connection Product - Cisco on Wednesday announced patches for a critical-severity vulnerability in the Unity Connection unified messaging and voicemail solution. The issue, tracked as CVE-2024-20272, can be exploited remotely, without authentication, to upload arbitrary ...
10 months ago Securityweek.com
Building Data Center Infrastructure for the AI Revolution  - This is part two of a multi-part blog series on AI. Part one, Why 2024 is the Year of AI for Networking, discussed Cisco's AI networking vision and strategy. This blog will focus on evolving data center network infrastructure for supporting AI/ML ...
8 months ago Feedpress.me
Former Uber CISO Speaks Out, After 6 Years, on Data Breach, SolarWinds - Joe Sullivan arrived at his sentencing hearing on May 4 this year, prepared to go to jail had the judge not gone with a parole board's recommendation of probation. A federal jury convicted the former Uber CISO months earlier on two charges of fraud ...
11 months ago Darkreading.com
CISA: Critical Microsoft SharePoint bug now actively exploited - CISA warns that attackers are now exploiting a critical Microsoft SharePoint privilege escalation vulnerability that can be chained with another critical bug for remote code execution. Tracked as CVE-2023-29357, the security flaw enables remote ...
10 months ago Bleepingcomputer.com
Cisco Adds New Security and AI Capabilities in Next Step Toward Cisco Networking Cloud Vision - PRESS RELEASE. AMSTERDAM, Feb. 6, 2024 /PRNewswire/ - CISCO LIVE EMEA - Cisco, the leader in networking and security, today introduced new capabilities and technologies across its networking portfolio that are designed to drive a more unified and ...
9 months ago Darkreading.com
Accelerating Your Journey to the 128-bit Universe - The 2023 National Cybersecurity Strategy requires acceleration of your agency's mission to go boldly into the 128-bit address space universe with greater speed and urgency. IPv6-only is the addressing standard for the U.S. Federal Government, ...
11 months ago Feedpress.me
Join Customer Experience for Cisco Live EMEA Demos - In her blog, Countdown to Cisco Live EMEA, Adele Trombetta, SVP, Cisco Customer Experience EMEA, mentioned how excited she is for Cisco Live EMEA in just a little more than a week, and I agree. I want to go a little deeper and give you some more ...
9 months ago Feedpress.me
CVE-2024-36963 - In the Linux kernel, the following vulnerability has been resolved: ...
5 months ago
Embrace the Multicloud Era with Cisco Learning and Certifications at Cisco Live Amsterdam - It's time to come together with experts and thousands of your peers to connect, learn, and advance your career with the Learning & Certifications team at Cisco Live Amsterdam, February 5-9, 2024. Let's dive into how you can make the most of your ...
9 months ago Feedpress.me
AWS Root vs IAM User: What to Know & When to Use Them - In Amazon Web Services, there are two different privileged accounts. One is defined as Root User and the other is defined as an IAM User. In this blog, I will break down the differences of an AWS Root User versus an IAM account, when to use one ...
1 year ago Beyondtrust.com
Cisco patches IOS XE zero-days used to hack over 50,000 devices - Cisco has addressed the two vulnerabilities that hackers exploited to compromise tens of thousands of IOS XE devices over the past week. The free software release comes after a threat actor leveraged the security issues as zero-days to compromise and ...
11 months ago Bleepingcomputer.com
Law Firms and Legal Departments Get Singled Out For Cyberattacks - Cyberattackers are doubling down on their attacks against law firms and corporate legal departments, moving beyond their historical activity of hacking and leaking secrets to targeting the sector with financial attacks, such as ransomware and ...
11 months ago Darkreading.com
Finland warns of Akira ransomware wiping NAS and tape backup devices - The Finish National Cybersecurity Center is informing of increased Akira ransomware activity in December, targeting companies in the country and wiping backups. The agency says that the threat actor's attacks accounted for six out of the seven cases ...
10 months ago Bleepingcomputer.com
Inspiring Innovation at Cisco Live Las Vegas 2024 - Being in the technology industry means we've all had a front-row seat to witness tectonic shifts such as the inception of the internet and now Cisco will impact that level of change again. To assist you in this journey at Cisco Live, and beyond, is ...
5 months ago Feedpress.me
Cisco discloses new IOS XE zero-day exploited to deploy malware implant - Cisco disclosed a new high-severity zero-day today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week. The company said it found a fix for both vulnerabilities ...
11 months ago Bleepingcomputer.com
The power of community helps Cisco Insider Rob Taylor bring innovation to his customers. - Cisco's advocacy community, Cisco Insider Advocates, brings our customers together and provides a way for them to make powerful connections, expand their professional and personal networks, and learn from top experts in their field. Fate stepped in, ...
5 months ago Feedpress.me
Volt Typhoon Ramps Up Malicious Activity Against Critical Infrastructure - China-backed cyber espionage group Volt Typhoon is systematically targeting legacy Cisco devices in a sophisticated and stealthy campaign to grow its attack infrastructure. In many instances, the threat actor, known for targeting critical ...
10 months ago Darkreading.com
Ukraine-Russia Cyber Battles Have Real-World Impact - "The evolution of cyberattacks and malware, particularly those that have an intersection with the use of generative AI, have lowered the barrier for entry for threat actors, leading to more threats and a greater volume of attacks," he says. ...
1 month ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)