Cisco fixes security flaw that could have allowed sneaky hacking

Cisco has confirmed it patched a high-severity flaw that was impacting its IOx application hosting environment.  Cisco IOx is an applicati...

Cisco has confirmed it patched a high-severity flaw that was impacting its IOx application hosting environment. 

Cisco IOx is an application environment that allows consistent deployment of applications that are independent of the network infrastructure and docker tooling for development. It is used by a wide range of businesses, from manufacturing, to energy, to the public sector.

The flaw, tracked as CVE-2023-20076, allowed threat actors to achieve persistence on the operating system, thus gaining the ability to execute commands, remotely.

Who is affected?

"An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file," Cisco said in its security advisory. 

Users running IOS XE without native docker support are affected, as well as those running 800 Series Industrial ISR routers, CGR1000 compute modules, IC3000 industrial compute gateways, IR510 WPAN industrial routers, and Cisco Catalyst access point (COS-APs) endpoints.

Catalyst 9000 Series switches, IOS XR and NX-OS software, and Meraki products, are unaffected by the flaw, the company added.

The caveat with this vulnerability is that the threat actors need to already be authenticated as an administrator on the vulnerable systems. 

Still, researchers from Trellix, who first discovered the flaw, said crooks could easily pair this vulnerability with others, in their malicious campaigns. Authentication can be obtained with default login credentials (many users never change them), as well as through phishing and social engineering. 

After authenticating, CVE-2023-20076 can be abused for "unrestricted access, allowing malicious code to lurk in the system and persist across reboots and firmware upgrades."

"Side-stepping this security measure means that if an attacker exploits this vulnerability, the malicious package will keep running until the device is factory reset or until it is manually deleted."

The good news is that so far there is no evidence of the flaw being exploited in the wild but still, if you use this solution, make sure it's updated to the latest version. 

Via: BleepingComputer



from TechRadar - All the latest technology news https://ift.tt/ltN0WEH
via IFTTT

COMMENTS

BLOGGER
Name

Apps,3858,Business,151,Camera,1155,Earn $$$,3,Gadgets,1741,Games,926,GTA,1,Innovations,3,Mobile,1697,Paid Promotions,5,Promotions,5,Sports,1,Technology,8106,Trailers,796,Travel,37,Trending,4,Trendly News,25335,TrendlyNews,183,Video,5,XIAOMI,13,YouTube - 9to5Google,182,
ltr
item
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews: Cisco fixes security flaw that could have allowed sneaky hacking
Cisco fixes security flaw that could have allowed sneaky hacking
Trendly News | #ListenNow #Everyday #100ShortNews #TopTrendings #PopularNews #Reviews #TrendlyNews
http://www.trendlynews.in/2023/02/cisco-fixes-security-flaw-that-could.html
http://www.trendlynews.in/
http://www.trendlynews.in/
http://www.trendlynews.in/2023/02/cisco-fixes-security-flaw-that-could.html
true
3372890392287038985
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy