Cisco, VMware addresses critical security flaws
Cisco and VMware have released security patches to address serious security flaws which malicious actors might exploit to execute arbitrary code on vulnerable computers.
A command injection hole in Cisco Industrial Network Director (CVE-2023-20036, CVSS score: 9.9) allows an attacker to execute arbitrary commands as NT AUTHORITYSYSTEM on the underlying operating system of a compromised device is the most serious vulnerability. This issue exists in the web UI component and is caused by incorrect input validation during Device Pack upload.
Cisco gave credit to an unidentified external researcher for uncovering both issues. In addition, Cisco has addressed a moderate severity file permissions vulnerability in the same product (CVE-2023-20039, CVSS score: 5.5) that an authorized, local attacker might exploit to get access to personal data. The fixes may be found in version 1.11.3.
Cisco also patched another critical flaw in the Modeling Labs network simulation platform’s external authentication mechanism. The vulnerability, identified as CVE-2023-20154 (CVSS score: 9.1), might allow an unauthenticated, remote attacker to gain administrative access to the web interface. With the release of version 2.5.1, the flaw has been addressed.
VMware also published a security advisory on a critical deserialization bug that affects different versions of Aria Operations for Logs (CVE-2023-20864, CVSS score: 9.8). Unauthenticated malicious actors with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root. This vulnerability has been addressed in VMware Aria Operations for Logs 8.12, coupled with a high-severity command injection hole (CVE-2023-20865, CVSS score: 7.2) that might allow an attacker with admin capabilities to run arbitrary commands as root. The warning comes approximately three months after VMware fixed two major vulnerabilities in the same product (CVE-2022-31704 and CVE-2022-31706, CVSS scores: 9.8) that might lead to remote code execution.
The sources for this piece include an article in TheHackerNews.