Security: Vulnerabilities in Cisco products

[German]A brief overview of various vulnerabilities in Cisco products. The Cisco Unified IP Conference Station 7937G is vulnerable. And there are also vulnerabilities in AnyConnect (Windows).


Advertising

Vulnerabilities in Cisco AnyConnect

There are vulnerabilities in the Windows version of Cisco-AnyConnect, which are summarized in the following tweet

  • CVE-2020-3433 (high, privesc https://t.co/J6OmZiy3Qx), Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability.A vulnerability in the IPC (Interprocess Communication) channel of the Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to perform a DLL hijacking attack. To exploit this vulnerability, the attacker would need to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of resources that are loaded by the application at runtime. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker would have to have valid logon credentials on the Windows system. 
  • CVE-2020-3434 (medium, DoS https://t.co/Pz5LQCR5ez), Cisco AnyConnect Secure Mobility Client for Windows Denial of Service Vulnerability.A vulnerability in the inter-process communication channel (IPC) of the Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to cause a denial of service (DoS) state on an affected device. To exploit this vulnerability, the attacker would have to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of the data entered by the user. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process on an affected device. A successful exploit could allow the attacker to stop the AnyConnect process and cause a DoS condition on the device. To exploit this vulnerability, the attacker would have to have valid credentials on the Windows system.
  • CVE-2020-3435 A vulnerability in the inter-process communication channel (IPC) of the Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to overwrite VPN profiles on an affected device. To exploit this vulnerability, the attacker would have to have valid credentials on the Windows system. The vulnerability is due to insufficient validation of data entered by the user. An attacker could exploit this vulnerability by sending a crafted IPC message to the AnyConnect process on an affected device. Successful exploitation could allow the attacker to modify VPN profile files. To exploit this vulnerability, the attacker would have to have valid credentials on the Windows system.

Please refer to the linked Cisco support articles for details.

Cisco Unified IP Conference Station 7937G

The Cisco Unified IP Conference Station 7937G has long since fallen out of support. In the following tweet, a security researcher mentions three weaknesses that he has found.

Details can be found in the linked article.


Advertising


Advertising


This entry was posted in Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *