In today's digital world, cybersecurity is crucial due to the increased risk of cyberattacks. To protect users from potential threats, technology providers Cisco and VMware have released security updates. This blog discusses the updates and how they can improve your organization's security.
Cisco and VMware have recently released security updates to address significant vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The most critical vulnerability is a command injection flaw in Cisco Industrial Network Director (CVE-2023-20036, CVSS score: 9.9), caused by improper input validation when uploading a Device Pack in the web UI component.
Exploiting the command injection flaw in Industrial Network Director could allow attackers to execute arbitrary commands as NT AUTHORITY\SYSTEM. A medium-severity file permissions vulnerability has also been addressed, which could allow authenticated local attackers to view sensitive information.
Cisco has patched two vulnerabilities in Industrial Network Director, including a critical command injection flaw (CVE-2023-20036, CVSS score: 9.9). Version 1.11.3 is now available with the necessary patches. Another critical vulnerability (CVE-2023-20154, CVSS score: 9.1) in Modeling Labs' external authentication mechanism has been fixed, which allows remote attackers to gain administrative privileges and access the web interface.
VMware has also released an update for Aria Operations for Logs to address a critical deserialization flaw (CVE-2023-20864, CVSS score: 9.8) that affects multiple versions of the software. This vulnerability allows attackers with network access to execute arbitrary code as root without authentication. The fix for this flaw is included in version 8.12, which also addresses a high-severity command injection flaw (CVE-2023-20865, CVSS score: 7.2).
Users of version 8.10.2 of Industrial Network Director have been advised by Cisco to immediately patch the CVE-2023-20864 vulnerability. This comes after two critical issues (CVE-2022-31704 and CVE-2022-31706) in the same product were recently patched. Given that Cisco and VMware appliances have been targeted by cyber attackers lately, users are strongly advised to update their software as soon as possible to minimize the risks.
To update your device, access the Cisco security update from their Advisories & Alerts page and download the update for your specific product. For VMware, search for the security update on the VMware Knowledge Base. Install the update onto your device by launching the Cisco software and selecting the "Install Updates" option, or manually installing the update for VMware and following on-screen prompts. Restart your device once the installation is complete. Verify that the update was properly installed by checking for updates in the Cisco software or checking the Help section for VMware products.
In addition to staying up-to-date on security updates, taking a proactive approach to risk-based vulnerability management is crucial. Protect your organization's digital assets with risk-based vulnerability management services from Armoryze. Our team of experts uses advanced tools and techniques to identify and prioritize vulnerabilities based on the level of risk they pose. Contact us today to learn more about how we can help you stay one step ahead of potential threats.