Security News > 2024 > January > Cisco says critical Unity Connection bug lets attackers get root
Cisco has patched a critical Unity Connection security flaw that can let unauthenticated attackers remotely gain root privileges on unpatched devices.
Unity Connection is a fully virtualized messaging and voicemail solution for email inboxes, web browsers, Cisco Jabber, Cisco Unified IP Phone, smartphones, or tablets with high availability and redundancy support.
Today, Cisco also patched ten medium-severity security vulnerabilities in multiple products, allowing attackers to escalate privileges, launch cross-site scripting attacks, inject commands, and more.
Although attackers could exploit this bug to execute arbitrary commands with root privileges on unpatched devices, administrative credentials are also required for successful exploitation.
Cisco says it will not release firmware updates to patch the CVE-2024-20287 security flaw because the Cisco WAP371 device reached end-of-life in June 2019.
In October, Cisco also patched two zero-days exploited to hack over 50,000 IOS XE devices within a single week.
News URL
Related news
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- Critical Kubernetes Image Builder flaw gives SSH root access to VMs (source)
- Critical default credential in Kubernetes Image Builder allows SSH root access (source)
- Critical Kubernetes Image Builder Vulnerability Exposes Nodes to Root Access Risk (source)
- VMware fixes critical RCE, make-me-root bugs in vCenter - for the second time (source)
- Cisco bug lets hackers run commands as root on UWRB access points (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- Cisco scores a perfect CVSS 10 with critical flaw in its wireless system (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-17 | CVE-2024-20287 | Command Injection vulnerability in Cisco Wap371 Firmware A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual Radio Access Point (AP) with Single Point Setup could allow an authenticated, remote attacker to perform command injection attacks against an affected device. | 7.2 |