Security News > 2024 > January > Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems
2024-01-26 05:13
Cisco has released patches to address a critical security flaw impacting Unified Communications and Contact Center Solutions products that could permit an unauthenticated, remote attacker to execute arbitrary code on an affected device. Tracked as CVE-2024-20253 (CVSS score: 9.9), the issue stems from improper processing of user-provided data that a threat actor could abuse to send a
News URL
https://thehackernews.com/2024/01/critical-cisco-flaw-lets-hackers.html
Related news
- Hackers lurked in Treasury OCC’s systems since June 2023 breach (source)
- Critical FortiSwitch flaw lets hackers change admin passwords remotely (source)
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
- Cisco Webex bug lets hackers gain code execution via meeting links (source)
- Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised (source)
- U.S. Charges Yemeni Hacker Behind Black Kingdom Ransomware Targeting 1,500 Systems (source)
- CISA warns of hackers targeting critical oil infrastructure (source)
- China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide (source)
- Hackers are exploiting critical flaw in vBulletin forum software (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-26 | CVE-2024-20253 | Deserialization of Untrusted Data vulnerability in Cisco products A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | 10.0 |