Cisco patches more critical security bugs — here’s how you can stay protected

Three vulnerabilities were found in Expressway Series devices

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Cisco has released a patch for multiple vulnerabilities found in the Expressway Series collaboration gateways.

Given that two of them are rated as “critical”, and would allow threat actors toexecute arbitrary coderemotely, patching the flaws without delay is recommended.

As per theadvisorypublished together with the patch, Cisco addressed CVE-2024-20252, and CVE-2024-20254, which could be abused by tricking a victim into clicking a custom-tailored link. Should the victim also happen to be an administrator, this would grant the attackers the ability to add new user accounts, run arbitrary code, elevate privileges, and more. The attack is described as a “cross-site request forgery (CSRF)”.

No PoC or evidence of exploits

“An attacker could exploit these vulnerabilities by persuading a user of the API to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user,” Cisco said in its advisory.

“If the affected user has administrative privileges, these actions could include modifying the system configuration and creating new privileged accounts.”

Besides the two above mentioned flaws, Cisco also fixed CVE-2024-20255, which could have been used by the attackers to change system configuration and run denial of service attacks. This flaw, together with CVE-2024-20254, can only be abused on Expressway Series instances with default configurations, Cisco further explained, while for the first one, the victim needs to have the cluster database (CDB) API feature toggled on.

The company also stressed that the patches are for Expressway Series, and not TelePresence Video Communication Server (VCS) gateway which, since it reached end-of-life last year, will not be getting a patch at all.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

The good news is that Cisco found no evidence of hackers already abusing these flaws in their campaigns. There are no proof-of-concepts (PoC) out there, either.

ViaBleepingComputer

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time