Colin Mc Hugo

0 %
Colin Mc Hugo
Security Engineer Manager & CEO at Quantum Infinite Solutions Group Ltd.

Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems

March 25, 2021

Cisco on Wednesday launched software program updates to handle a number of vulnerabilities affecting its Jabber messaging shoppers throughout Home windows, macOS, Android, and iOS.

Profitable exploitation of the failings might allow an “attacker to execute arbitrary packages on the underlying working system with elevated privileges, entry delicate data, intercept protected community visitors, or trigger a denial of service (DoS) situation,” the networking main said in an advisory.

The problems concern a complete of 5 safety vulnerabilities, three of which (CVE-2021-1411, CVE-2021-1417, and CVE-2021-1418) had been reported to the corporate by Olav Sortland Thoresen of Watchcom, with two others (CVE-2021-1469 and CVE-2021-1471) uncovered throughout inside safety testing.

Cisco notes that the failings aren’t depending on each other, and that exploitation of any one of many vulnerabilities would not hinge on the exploitation of one other. However with a view to do that, an attacker must be authenticated to an Extensible Messaging and Presence Protocol (XMPP) server working the susceptible software program, in addition to have the ability to ship XMPP messages.

CVE-2021-1411, which issues an arbitrary program execution vulnerability in its Home windows app, can also be essentially the most important, with a CVSS rating of 9.9 out of a most of 10. Based on Cisco, the flaw is because of improper validation of message content material, thus making it attainable for an attacker to ship specially-crafted XMPP messages to the susceptible shopper and execute arbitrary code with the identical privileges as that of the person account working the software program.

Moreover CVE-2021-1411, 4 different Jabber flaws have additionally been fastened by Cisco, counting —

  • CVE-2021-1469 (Home windows) – A problem with improper validation of message content material that might lead to arbitrary code execution.
  • CVE-2021-1417 (Home windows) – A failure to validate message content material that might be leveraged to leak delicate data, which might then gasoline additional assaults.
  • CVE-2021-1471 (Home windows, macOS, Android, iOS) – A certificates validation vulnerability that might be abused to intercept community requests and even modify connections between the Jabber shopper and a server
  • CVE-2021-1418 (Home windows, macOS, Android, iOS) – A problem arising from improper validation of message content material that might be exploited by sending crafted XMPP messages to trigger a denial-of-service (DoS) situation.

That is removed from the primary time Norwegian cybersecurity agency Watchcom has uncovered flaws in Jabber shoppers. In September 2020, Cisco resolved four flaws in its Home windows app that might allow an authenticated, distant attacker to execute arbitrary code. However after three of the 4 vulnerabilities weren’t “sufficiently mitigated,” the corporate ended up releasing the second round of patches in December.

Along with the repair for Jabber, Cisco has additionally revealed 37 other advisories that go into element about safety updates for numerous medium and excessive severity safety points affecting varied Cisco merchandise.

Posted in SecurityTags:
Write a comment