Cisco released security updates to fix a Cisco Emergency Responder (CER) vulnerability that lets attackers log in to unpatched systems using hard-coded credentials.
CER helps organizations respond effectively to emergencies by enabling accurate location tracking of IP phones, allowing emergency calls to be routed to the appropriate Public Safety Answering Point (PSAP).
Tracked as CVE-2023-20101, the security flaw allows unauthenticated attackers to access a targeted system using the root account, which had default, static credentials that could not be modified or removed.
“This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development,” Cisco explained in an advisory issued today.
“An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.”
The company says the critical vulnerability only affects Cisco Emergency Responder version 12.5(1)SU4, as shown in the table below.
CER Release | Vulnerable Release | Fixed Release |
---|---|---|
11.5(1) and earlier | Not vulnerable | Not vulnerable |
12.5(1) | 12.5(1)SU4 | 12.5(1)SU5 ciscocm.CSCwh34565_PRIVILEGED_ACCESS_DISABLE.k4.cop.sha512 |
14 | Not vulnerable | Not vulnerable |
Cisco says the hard-coded credentials weakness that allows attackers to bypass authentication was discovered during internal security testing.
Its Product Security Incident Response Team (PSIRT) has not found information about public disclosures or any malicious exploitation related to the CVE-2023-20101 vulnerability.
There are no workarounds to mitigate this security flaw temporarily, so admins are advised to update vulnerable installations as soon as possible.
Last week, Cisco urged customers to patch a zero-day vulnerability (CVE-2023-20109) targeted by attackers in the wild, affecting devices running IOS and IOS XE software.
Earlier this month, the company issued an alert regarding another zero-day (CVE-2023-20269) in its Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD), actively exploited by ransomware gangs to breach corporate networks.
US and Japanese law enforcement and cybersecurity agencies also warned of Chinese BlackTech hackers backdooring network devices for initial access to enterprise networks.