Cisco has released patches for several high-severity vulnerabilities in its products, including a bug reported by the NSA. Tracked as CVE-2022-20783 (CVSS score of 7.5), is a denial of service (DoS) issue in TelePresence Collaboration Endpoint (CE) and RoomOS software, which could be exploited remotely, without authentication.
Insufficient input validation allows an attacker to send crafted H.323 traffic to a vulnerable device and cause it to reboot, either normally or in maintenance mode, thus creating a DoS condition.
Cisco patched the security hole with TelePresence CE releases 184.108.40.206 and 10.11.2.2 and with the RoomOS January 2022 release.
A high-severity vulnerability that Cisco addressed is CVE-2022-20732 with a risk score of 7.8, which is described as an elevation of privilege issue in the company’s Virtualized Infrastructure Manager (VIM) product.
Improper access permissions in VIM allow an authenticated, local attacker to access specific configuration files they should not have access to. The attacker could then obtain internal database credentials and use them to view and modify database contents.
The vulnerability was resolved with the release of Virtualized Infrastructure Manager Software version 4.2.2. If updating to a patched release is not possible, users should connect to the device’s CLI as root and secure permissions to the affected files.
Cisco also removed a static SSH host key in Umbrella virtual appliance (VA) release 3.3.2, which could be abused by an unauthenticated, remote attacker to impersonate a VA. in addition to these bugs, Cisco also fixed roughly ten medium-severity vulnerabilities including cross-site scripting (XSS), arbitrary file read, file decryption bypass, DoS, SQL injection, and cross-site request forgery (CSRF) bugs.