Cisco Issues Patch for Critical Enterprise NFVIS Flaw — PoC Exploit Available

Nested Applications

Asset Publisher

News

Cybersecurity researchers have disclosed details about a new malware family that relies on the Common Log File System (CLFS) to hide a second-stage payload in registry transaction files in an attempt to evade detection mechanisms.

Cisco has patched a critical security vulnerability impacting its Enterprise Network Function Virtualization Infrastructure Software (NFVIS) that could be exploited by an attacker to take control of an affected system.

A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale (PoS) service provider located in the U.S.

A day after releasing Patch Tuesday updates, Microsoft acknowledged yet another remote code execution vulnerability in the Windows Print Spooler component, adding that it's working to remediate the issue in an upcoming security update.

Networking equipment major Cisco has rolled out patches to address critical vulnerabilities impacting its Small Business VPN routers that could be abused by a remote attacker to execute arbitrary code and even cause a denial-of-service (DoS) condition.

We are a member of First

We are a member of First

 

 

contactpic

 

 

Most Viewed Assets

null Cisco Issues Patch for Critical Enterprise NFVIS Flaw — PoC Exploit Available

Cisco has patched a critical security vulnerability impacting its Enterprise Network Function Virtualization Infrastructure Software (NFVIS) that could be exploited by an attacker to take control of an affected system.

 

Tracked as CVE-2021-34746, the weakness has been rated 9.8 out of a maximum of 10 on the Common Vulnerability Scoring System (CVSS) and could allow a remote attacker to circumvent authentication and log in to a vulnerable device as an administrator.

 

The network equipment maker said it's aware of a publicly available proof-of-concept (PoC) exploit code targeting the vulnerability, but added it's not detected any successful weaponization attempts in the wild.

 

The issue is caused due to incomplete validation of user-supplied input that's passed to an authentication script during the sign-in process, enabling an attacker to inject parameters into an authentication request. "A successful exploit could allow the attacker to bypass authentication and log in as an administrator to the affected device". 


It's worth pointing out that enterprise NFVIS deployments are impacted by this vulnerability only if TACACS external authentication method is configured on a targeted device, which can be determined by running the "show running-config tacacs-server" command. "If the output of the show running-config tacacs-server command is No entries found, the TACACS external authentication feature is not enabled" .

 

The patches come a little over a week after Cisco rolled out updates to address a critical security vulnerability (CVE-2021-1577) affecting the Application Policy Infrastructure Controller (APIC) interface used in its Nexus 9000 Series Switches that could be potentially abused to read or write arbitrary files on a vulnerable system.

 

The company is also in the process of readying fixes for a zero-day bug (CVE-2021-1585) in its Adaptive Security Device Manager (ADSM) Launcher that could allow an unauthenticated, remote attacker to execute arbitrary code on a user's operating system.

Nested Applications

Contact Us

Free Call[OH]: 933

Phone Number: +251-993939270

                            +251-993531965

                            +251-944-33-68-02

E-mail: ethiocert@insa.gov.et

P.O.Box: 124498

Asset Publisher

tools

Nested Applications

Asset Publisher

values

Values

  • Trustworthiness
  • Innovation
  • Scientific
  • Democracy
  • Synergy
  • Saving