Security News > 2024 > April > Cisco discloses root escalation flaw with public exploit code

Cisco discloses root escalation flaw with public exploit code
2024-04-17 17:25

Cisco has released patches for a high-severity Integrated Management Controller vulnerability with public exploit code that can let local attackers escalate privileges to root.

"A vulnerability in the CLI of the Cisco Integrated Management Controller could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root," the company explains.

It also exposes a long list of other products to attacks if they're configured to provide access to the vulnerable Cisco IMC CLI. Cisco's Product Security Incident Response Team also warned in today's advisory that proof-of-concept exploit code is already available, but luckily, threat actors have yet to start targeting the vulnerability in attacks.

More recently, Cisco warned of a large-scale and ongoing credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices after urging customers to mitigate password-spraying attacks against Remote Access VPN services configured on Cisco Secure Firewall devices.

Cisco warns of large-scale brute-force attacks against VPN services.

Cisco warns of password-spraying attacks targeting VPN services.


News URL

https://www.bleepingcomputer.com/news/security/cisco-discloses-root-escalation-flaw-with-public-exploit-code/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751