The manufacturer has provided updates for several communication products from the Cisco portfolio, some of which close critical security gaps. IT managers who use the affected software should import the available updates as soon as possible.
Serious security vulnerabilities
A critical vulnerability is found in the Cisco Expressway Series and Cisco TelePresence Video Communication Server. Due to insufficient input checks, an attacker could log on to the system with administrative read and write rights and pass manipulated input to the affected command. He could overwrite any files in the underlying operating system as root user and take over the system as a logical consequence (CVE-2022-20812, CVSS 9.0risk “critical“).
In addition, so-called null byte poisoning can enable unregistered attackers from the network to access sensitive data without authorization. The error is based on insufficient certificate validation, Cisco writes in the security advisory for this and the previous vulnerability (CVE-2022-20813, CVSS 7.4, high). To exploit the vulnerability, an attacker could use man-in-the-middle techniques to intercept traffic between devices and use a manipulated certificate to impersonate the endpoint. After a successful attack, an attacker could read the intercepted traffic in plain text or change its content.
In Cisco’s Smart Software Manager in the on-premises version installed locally in the network, malicious authenticated actors from the network could provoke a denial-of-service of the device. In the security advisory, the vendor explains that by improperly handling multiple simultaneous device enrollments, an attacker could send multiple device enrollment requests to an affected device, rendering it inoperable (CVE-2022-20808, CVSS 7.7, high).
Even more vulnerabilities
Cisco has released a few more security advisories about vulnerabilities. They are listed below in descending order of severity:
Cisco Unified Communications Products Arbitrary File Read Vulnerability (CVE-2022-20791, CVSS 6.5, medium)
Cisco Unified Communications Products Access Control Vulnerability (CVE-2022-20859, CVSS 6.5, medium)
Cisco Unified Communications Products Cross-Site Scripting Vulnerability (CVE-2022-20800, CVSS 6.1, medium)
Cisco Unified Communications Products Cross-Site Scripting Vulnerability (CVE-2022-20815, CVSS 6.1, medium)
Cisco Unified Communications Products Timing Attack Vulnerability (CVE-2022-20752, CVSS 5.3, medium)
Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability (CVE-2022-20768, CVSS 4.9, medium)
Cisco Unified Communications Manager Arbitrary File Read Vulnerability (CVE-2022-20862, CVSS 4.3, medium)
Administrators should quickly update the vulnerable software to keep the attack surface as small as possible.