Pierluigi Paganini October 09, 2020

Cisco fixed three high-severity flaws in Webex video conferencing system, Video Surveillance 8000 Series IP Cameras and Identity Services Engine.

Cisco has addressed three high-severity flaws and eleven medium-severity vulnerabilities in its Webex video conferencing system, Video Surveillance 8000 Series IP Cameras and Identity Services Engine.

The most severe of these vulnerabilities is a Remote Code Execution and Denial of Service issue in Cisco’s Video Surveillance 8000 Series IP Cameras.

The vulnerabilty, tracked as Remote Code Execution and Denial of Service Vulnerability. received a CVSS score of 8.8 out of 10.

“A vulnerability in the Cisco Discovery Protocol implementation for Cisco Video Surveillance 8000 Series IP Cameras could allow an unauthenticated, adjacent attacker to execute arbitrary code on an affected device or cause the device to reload.” reads the Cisco’s security advisory.

“This vulnerability is due to missing checks when an IP camera processes a Cisco Discovery Protocol packet.”

An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to a vulnerable device. The flaw could allow an attacker to execute code on the affected IP camera or triggering a DoS condition by forcing the device to reload unexpectedly, resulting in a denial of service (DoS) condition.

Cisco also addressed a high-severity flaw, tracked as CVE-2020-3535, in its Webex platform that is caused by the incorrect handling of directory paths at run time.

An authenticated, local attacker could exploit the flaw to load a malicious library, experts pointed out that to exploit this vulnerability, the attacker needs valid credentials on the Windows system.

“The vulnerability is due to incorrect handling of directory paths at run time. An attacker could exploit this vulnerability by placing a malicious DLL file in a specific location on the targeted system. This file will execute when the vulnerable application launches.” reads the advisory published by Cisco. “A successful exploit could allow the attacker to execute arbitrary code on the targeted system with the privileges of another user’s account.”

The vulnerability affects Cisco Webex Teams for Windows releases 3.0.13464.0 through 3.0.16040.0, the IT giant confirmed that the issue does not affect Webex Teams for Android, Mac or iPhone and iPad.

The third high-severity flaw, tracked as CVE-2020-3467, resides in the web-based management interface of Cisco Identity Services Engine (ISE).

The ISE is a tool that enables the creation and enforcement of security and access policies for endpoint devices connected to the company’s network devices. The vulnerability allows an authenticated, remote attackers to modify parts of the configuration on an affected device.

“The vulnerability is due to improper enforcement of role-based access control (RBAC) within the web-based management interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to modify parts of the configuration. The modified configuration could either allow unauthorized devices onto the network or prevent authorized devices from accessing the network.” according to reads the Cisco’s advisory “To exploit this vulnerability, an attacker would need valid Read-Only Administrator credentials.”

 The good news is that the Cisco Product Security Incident Response Team (PSIRT) is not aware attacks exploiting the above flaws in the wild.

Pierluigi Paganini

(SecurityAffairs – hacking, WebEx)

[adrotate banner=”5″]

[adrotate banner=”13″]