
The Cyber Security News


New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products

February 3, 2023

F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service (DoS) or arbitrary code execution.

The issue is rooted in the iControl Simple Object Access Protocol (SOAP) interface and affects the following versions of BIG-IP:

  • 13.1.5
  • 14.1.4.6 – 14.1.5
  • 15.1.5.1 – 15.1.8
  • 16.1.2.2 – 16.1.3, and
  • 17..

“A format string vulnerability exists in iControl SOAP that makes it possible for an authenticated attacker to crash the iControl SOAP CGI system or, possibly, execute arbitrary code,” the company said in an advisory. “In appliance mode BIG-IP, a successful exploit of this vulnerability can allow the attacker to cross a security boundary.”


The flaw is tracked as CVE-2023-22374 (CVSS score: 7.5/8.5). Security researcher Ron Bowes of Rapid7 has been credited with discovering and reporting it on December 6, 2022.

Given that the iControl SOAP interface runs as root, a successful exploit could permit a threat actor to remotely trigger code execution on the device as the root user. This can be achieved by inserting arbitrary format string characters into a query parameter that is passed to a logging function called syslog, Bowes said.
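The bug class described above, shown as an added example that is not F5's code: `log_render` is a hypothetical stand-in for syslog(3) so the result can be inspected, and the function names and the sample value are assumptions. The vulnerable form passes the request value as the format string, the fixed form passes it as data, and `count_directives` is a simple check for flagging request values that carry conversion directives.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Stand-in for syslog(3): formats a message into buf the way a
 * printf-family logger would. Hypothetical helper, not F5 code. */
static int log_render(char *buf, size_t n, const char *fmt, ...) {
    va_list ap;
    va_start(ap, fmt);
    int r = vsnprintf(buf, n, fmt, ap);
    va_end(ap);
    return r;
}

/* VULNERABLE pattern: the request value is the format string, so any
 * conversion directive in it is interpreted. Only safe for inert input. */
int log_param_unsafe(char *buf, size_t n, const char *param) {
    return log_render(buf, n, param);
}

/* FIXED pattern: constant format; the request value is only data. */
int log_param_safe(char *buf, size_t n, const char *param) {
    return log_render(buf, n, "%s", param);
}

/* Detection aid: count conversion directives in untrusted text.
 * "%%" is a literal percent sign and is skipped. */
int count_directives(const char *s) {
    int count = 0;
    for (; *s; s++) {
        if (*s != '%') continue;
        if (s[1] == '%') { s++; continue; }
        if (s[1] != '\0') count++;
    }
    return count;
}

int main(void) {
    char out[128];
    const char *sample = "id=%x.%x.%n"; /* constructed sample value */
    log_param_safe(out, sizeof out, sample);
    printf("logged verbatim: %s (directives: %d)\n",
           out, count_directives(sample));
    return 0;
}
```

Compilers flag the vulnerable call shape on real logging functions when `-Wformat -Wformat-security` is enabled, which makes it a useful build-time gate for code that logs request data.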

F5 noted that it has addressed the issue in an engineering hotfix that is available for supported versions of BIG-IP. As a workaround, the company is recommending users restrict access to the iControl SOAP API to only trusted users.

Cisco Patches Command Injection Bug in Cisco IOx

The disclosure comes as Cisco released updates to fix a flaw in the Cisco IOx application hosting environment (CVE-2023-20076, CVSS score: 7.2) that could open the door for an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system.

The vulnerability affects devices running Cisco IOS XE Software that have the Cisco IOx feature enabled, as well as 800 Series Industrial ISRs, Catalyst Access Points, CGR1000 Compute Modules, IC3000 Industrial Compute Gateways, and IR510 WPAN Industrial Routers.

Cybersecurity firm Trellix, which identified the issue, said it could be weaponized to inject malicious packages in a manner that can persist across system reboots and firmware upgrades, and that can only be removed after a factory reset.

“A bad actor could use CVE-2023-20076 to maliciously tamper with one of the affected Cisco devices anywhere along this supply chain,” it said, warning of the potential supply chain threats. “The level of access that CVE-2023-20076 provides could allow for backdoors to be installed and hidden, making the tampering entirely transparent for the end user.”

While the exploit requires the attacker to be authenticated and have admin privileges, it is worth noting that adversaries can find a variety of ways to escalate privileges, such as phishing or by banking on the possibility that users may have failed to change the default credentials.

Also discovered by Trellix is a security check bypass during TAR archive extraction, which could allow an attacker to write on the underlying host operating system as the root user.

The networking equipment major, which has since remediated the defect, said the vulnerability poses no immediate risk as “the code was put there for long-term application packaging assistance.”


Some parts of this article are sourced from:
thehackernews.com
