Cisco is warning of tried exploitation of a safety flaw in its IOS Software program and IOS XE Software program that would allow an authenticated distant attacker to attain distant code execution on affected programs.
The medium-severity vulnerability is tracked as CVE-2023-20109, and has a CVSS rating of 6.6. It impacts all variations of the software program which have the GDOI or G-IKEv2 protocol enabled.
The corporate mentioned the shortcoming “might permit an authenticated, distant attacker who has administrative management of both a bunch member or a key server to execute arbitrary code on an affected machine or trigger the machine to crash.”
It additional famous that the problem is the results of inadequate validation of attributes within the Group Area of Interpretation (GDOI) and G-IKEv2 protocols of the GET VPN function and it may very well be weaponized by both compromising an put in key server or modifying the configuration of a bunch member to level to a key server that’s managed by the attacker.
The vulnerability is alleged to have been found following an inside investigation and supply code audit initiated after an “tried exploitation of the GET VPN function.”
The revelation comes as Cisco detailed a set of 5 flaws in Catalyst SD-WAN Supervisor (variations 20.3 to twenty.12) that would permit an attacker to entry an affected occasion or trigger a denial of service (DoS) situation on an affected system –
- CVE-2023-20252 (CVSS rating: 9.8) – Unauthorized Entry Vulnerability
- CVE-2023-20253 (CVSS rating: 8.4) – Unauthorized Configuration Rollback Vulnerability
- CVE-2023-20034 (CVSS rating: 7.5) – Data Disclosure Vulnerability
- CVE-2023-20254 (CVSS rating: 7.2) – Authorization Bypass Vulnerability
- CVE-2023-20262 (CVSS rating: 5.3) – Denial-of-Service Vulnerability
Profitable exploitation of the bugs might permit the risk actor to achieve unauthorized entry to the applying as an arbitrary person, bypass authorization and roll again controller configurations, entry the Elasticsearch database of an affected system, entry one other tenant managed by the identical occasion, and trigger a crash.
Clients are really useful to improve to a hard and fast software program launch to remediate the vulnerabilities.
