Security News > 2024 > April > Cisco discloses root escalation flaw with public exploit code
Cisco has released patches for a high-severity Integrated Management Controller vulnerability with public exploit code that can let local attackers escalate privileges to root.
"A vulnerability in the CLI of the Cisco Integrated Management Controller could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root," the company explains.
It also exposes a long list of other products to attacks if they're configured to provide access to the vulnerable Cisco IMC CLI. Cisco's Product Security Incident Response Team also warned in today's advisory that proof-of-concept exploit code is already available, but luckily, threat actors have yet to start targeting the vulnerability in attacks.
More recently, Cisco warned of a large-scale and ongoing credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices after urging customers to mitigate password-spraying attacks against Remote Access VPN services configured on Cisco Secure Firewall devices.
Cisco warns of large-scale brute-force attacks against VPN services.
Cisco warns of password-spraying attacks targeting VPN services.
News URL
Related news
- Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc (source)
- Critical Cisco ISE bug can let attackers run commands as root (source)
- Exploits for unpatched Parallels Desktop flaw give root on Macs (source)
- PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)