Jan 26, 2024 | Newsroom | Network Security / Vulnerability
Cisco has released patches to address a critical security flaw affecting its Unified Communications and Contact Center Solutions products that could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. Tracked as CVE-2024-20253 (CVSS score: 9.9), the issue stems from improper processing of user-provided data that is read into memory; an attacker could exploit it by sending a specially crafted message to a listening port of a vulnerable device. According to Cisco's advisory, a successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with the privileges of the web services user and, with that foothold, establish root access on the affected device.
The flaw was discovered and reported by Synacktiv security researcher Julien Egloff. The affected products are Unified Communications Manager (versions 11.5, 12.5(1), and 14), Unified Communications Manager IM & Presence Service (versions 11.5(1), 12.5(1), and 14), Unified Communications Manager Session Management Edition (versions 11.5, 12.5(1), and 14), Unified Contact Center Express (versions 12.0 and earlier, and 12.5(1)), Unity Connection (versions 11.5(1), 12.5(1), and 14), and Virtualized Voice Browser (versions 12.0 and earlier, 12.5(1), and 12.5(2)). There are no workarounds for the vulnerability, but Cisco advises customers who cannot apply the updates immediately to set up access control lists to reduce the attack surface in the meantime.
Specifically, Cisco recommends setting up access control lists (ACLs) on intermediary devices that separate the Unified Communications or Contact Center Solutions cluster from users and the rest of the network, allowing access only to the ports of deployed services. The disclosure comes a couple of weeks after Cisco fixed another high-severity flaw in Unity Connection (CVE-2024-20272, CVSS score: 7.3), an arbitrary file upload bug that could likewise allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying system.
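As an illustration of that mitigation, the following Cisco IOS extended ACL is an added example and not configuration from Cisco's advisory. It allows traffic from a user network to the UC cluster subnet only on a handful of assumed service ports and drops everything else destined for the cluster. The subnets, the interface name, the admin host and the port list (SIP 5060/5061, SCCP 2000, HTTPS 443/8443) are all assumptions for the example; the real port list must be derived from the services actually deployed in your cluster.

```cisco
! Added example, not from the Cisco advisory. Addresses, interface and
! port numbers are assumptions; build the real port list from the
! services your cluster actually exposes.
ip access-list extended UC-CLUSTER-INGRESS
 remark Users 10.10.0.0/16 -> UC cluster 10.20.5.0/24: deployed service ports only
 permit tcp 10.10.0.0 0.0.255.255 10.20.5.0 0.0.0.255 eq 5060
 permit udp 10.10.0.0 0.0.255.255 10.20.5.0 0.0.0.255 eq 5060
 permit tcp 10.10.0.0 0.0.255.255 10.20.5.0 0.0.0.255 eq 5061
 permit tcp 10.10.0.0 0.0.255.255 10.20.5.0 0.0.0.255 eq 2000
 permit tcp 10.10.0.0 0.0.255.255 10.20.5.0 0.0.0.255 eq 443
 permit tcp 10.10.0.0 0.0.255.255 10.20.5.0 0.0.0.255 eq 8443
 remark Only a dedicated admin host may reach anything else on the cluster
 permit ip host 10.10.250.10 10.20.5.0 0.0.0.255
 deny   ip any 10.20.5.0 0.0.0.255 log
 remark Traffic not destined for the cluster is unaffected
 permit ip any any
!
interface GigabitEthernet0/1
 description Uplink from user VLANs
 ip access-group UC-CLUSTER-INGRESS in
```

Two caveats a practitioner should keep in mind. First, the ACL reduces exposure rather than fixing the bug: the vulnerable listener may itself be one of the permitted service ports, which is why Cisco lists no workaround and the patch remains the only real remedy. Second, watch the hit counters on the deny entry (show access-lists UC-CLUSTER-INGRESS) after deployment, both to confirm nothing legitimate (phone provisioning, TFTP, CTI integrations) was cut off and to spot unexpected hosts probing the cluster.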