Security News > 2024 > January > Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems
2024-01-26 05:13
Cisco has released patches to address a critical security flaw impacting Unified Communications and Contact Center Solutions products that could permit an unauthenticated, remote attacker to execute arbitrary code on an affected device. Tracked as CVE-2024-20253 (CVSS score: 9.9), the issue stems from improper processing of user-provided data that a threat actor could abuse to send a
News URL
https://thehackernews.com/2024/01/critical-cisco-flaw-lets-hackers.html
Related news
- Critical Cisco bug lets hackers add root users on SEG devices (source)
- Hackers target new MOVEit Transfer critical auth bypass bug (source)
- Hackers exploit critical D-Link DIR-859 router flaw to steal passwords (source)
- Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware (source)
- CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool (source)
- Cisco SSM On-Prem bug lets hackers change any user's password (source)
- Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager (source)
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) (source)
- CISA warns of hackers abusing Cisco Smart Install feature (source)
- Cisco warns of critical RCE zero-days in end of life IP phones (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-26 | CVE-2024-20253 | Unspecified vulnerability in Cisco products A vulnerability in multiple Cisco Unified Communications and Contact Center Solutions products could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. | 10.0 |