“Cisco Fixes Major Security Vulnerabilities in Collaboration Software”

Cisco Patches Critical Vulnerability in Enterprise Collaboration Solutions

On June 8th, 2023, Cisco announced the release of patches for a critical vulnerability in its Expressway series and TelePresence Video Communication Server (VCS) enterprise collaboration and video communication solutions. The vulnerability is identified as CVE-2023-20105 with a CVSS 9.6 score, and it enables a user with ‘read-only’ rights to elevate their privileges to ‘read-write.’ Cisco also states that a relatively high-severity vulnerability, CVE-2023-20192 leading to escalation of privilege, in CLI access granted to a read-only administrator on Expressway series and TelePresence VCS deployments is also addressed via patches.

The Technical Details

The vulnerability (CVE-2023-20105) which has a CVSS score of 9.6, was found in Cisco Expressway Series and TelePresence Video Communication Server (VCS) devices used for enterprise collaboration and video communications. The vulnerability is due to incorrect handling of the password change request, which allows unauthorized “read-only” users to craft and send a request to change the password for any user account on the system, including that of a “read-write” administrator. The attacker could then impersonate the system administrator. This vulnerability could enable an attacker to gain complete control of a system, including monitoring, stealing, modifying, and deleting confidential data.

Security Implications

The vulnerability, which could enable an unauthorized user to become a “read-write” administrator, has the potential to expose extremely sensitive data. This could lead to information theft, unauthorized system access, and further cyberattacks. Cybercriminals may exploit CVE-2023-20105 to gain access to valuable financial data, personal and private information, intellectual property, and other assets.

Additionally, the vulnerability could affect the image and reputation of companies that use the impacted software, leading to financial losses and reputational damage. Cisco states that no reports of this vulnerability being exploited have been received so far, but it is critical to be aware of and address this issue urgently.

Editorial & Advice

This incident highlights the vulnerability of software that is crucial to an organization’s day-to-day operations and underlines the necessity of regularly updating and patching the software. Companies must carry out due diligence to ensure that all software used is up-to-date and securely configured. Timely updates and patching of systems can mitigate or prevent the risk of unauthorized access, leading to serious breaches and cyberattacks.

This case also serves as another reminder that cyberattacks are constantly evolving, and even the most sophisticated software may contain vulnerabilities and can be exploited. Therefore, a strong security culture, regular software updating, staff training, and robust security policies can go a long way toward reducing the risks of such threats.

Conclusion

Organizations worldwide rely on Cisco‘s Expressway series, TelePresence VCS, and other software used for enterprise collaboration and video communications. Therefore, patches and updates for critical vulnerabilities, including CVE-2023-20105 and CVE-2023-20192, must be prioritized and immediately applied. Companies must consider keeping up-to-date inventory lists, regularly checking for software updates, and verifying that all network/ system configurations and permissions comply with the latest security policies and standards to minimize security risks.