See our Managed Services and learn how we can help your firm.

Cisco Security Advisory for Multiple Products | June 2023

Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Clients Software for Windows Privilege Escalation Vulnerability

June 14, 2023

Cisco published two alerts for the following products. Please follow the steps to remediate them. For assistance, contact Patrick Boyd, Director of Operations by email, [email protected] or by phone at 646-530-8930

1. Summary

A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows could allow a low-privileged, authenticated, local attacker to elevate privileges to those of SYSTEM. The client update process is executed after a successful VPN connection is established.

This vulnerability exists because improper permissions are assigned to a temporary directory that is created during the update process. An attacker could exploit this vulnerability by abusing a specific function of the Windows installer process. A successful exploit could allow the attacker to execute code with SYSTEM privileges.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw

Vulnerable Products

This vulnerability affects Cisco AnyConnect Secure Mobility Client Software for Windows and Cisco Secure Client Software for Windows.

Note: For releases earlier than Release 5.0, Cisco Secure Client for Windows is known as Cisco AnyConnect Secure Mobility Client for Windows.

Resolution

Cisco has released free software updates that address the vulnerability described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels.

Source: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ac-csc-privesc-wx4U4Kw

Cisco Unified Communications Manager IM & Presence Service Denial of Service Vulnerability

June 14, 2023

2. Summary

This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted login message to the affected device. A successful exploit could allow the attacker to cause an unexpected restart of the authentication service, preventing new users from successfully authenticating. Exploitation of this vulnerability does not impact Cisco Unified CM IM&P users who were authenticated prior to an attack.

A vulnerability in the XCP Authentication Service of the Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to cause a temporary service outage for all Cisco Unified CM IM&P users who are attempting to authenticate to the service, resulting in a denial of service (DoS) condition.

Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imp-dos-49GL7rzT

Vulnerable Products

This vulnerability affects Cisco Unified CM IM&P.

Resolution

Cisco has released free software updates that address the vulnerability described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels.

Source: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-imp-dos-49GL7rzT

Contact Us

If you are a small or mid-sized law firm IT leader, the strain of security vulnerabilities, patching, and upgrades, put on your team, is preventing them from focusing on moving your firm forward in the competitive legal landscape.  With over 20 years of experience partnerships with law firms Cornerstone has become a trusted and reliable Professional IT and Managed Services resource to law firms across the nation.

Let us help you get back to your business!

Cornerstone.IT