Critical Cisco Unified Communications RCE Bug Allows Root Access
The vulnerability, tracked as CVE-2024-20253, makes enterprise communications infrastructure and customer service call centers sitting ducks for unauthenticated cyberattackers.
Vulnerabilities are flaws attackers can exploit to access systems or data; timely patching, isolation, and least privilege reduce the impact.
Search across headline titles and summaries.
Background for this topic.
A vulnerability is a weakness in a system’s design, code, configuration, or operating process that could allow an attacker to violate a security requirement. It may affect software, hardware, networks, cloud services, or exposed interfaces, and is not automatically exploitable: practical risk depends on factors such as exposure, required privileges, available attack paths, and existing controls. Outcomes can include unauthorized access, information disclosure, code execution, or disruption of service.
Effective vulnerability management combines accurate asset inventory with code review, security testing, scanning, and trusted vulnerability intelligence. Organizations should prioritize weaknesses affecting reachable, business-critical systems—especially when exploitation is known or requires little access—then patch or otherwise mitigate them and verify the fix. Where patching is delayed, controls such as disabling an exposed feature, restricting network access, or strengthening authentication can reduce the attack surface. Records should preserve affected versions, risk decisions, remediation owners, and validation results.
The vulnerability, tracked as CVE-2024-20253, makes enterprise communications infrastructure and customer service call centers sitting ducks for unauthenticated cyberattackers.
Bugcrowd’s latest report also recorded a 30% surge in web submissions in 2023
Cisco is warning that several of its Unified Communications Manager (CM) and Contact Center Solutions products are vulnerable to a critical severity remote code execution security issue. [...]
The maintainers of the open-source continuous integration/continuous delivery and deployment (CI/CD) automation software Jenkins have resolved nine security flaws, including a critical bug that, if successfully exploited, could result in remote code execution (RCE)
The Zero Day Initiative’s first Pwn2Own Automotive competition has handed out over $1m for 24 zero-days
Voluntary Rules Will Set Baseline Security Requirement for Software Vendors, UsersThe U.K. government is mulling the rollout of a voluntary set of rules urging software vendors to responsibly disclose vulnerabilities in their systems. The measure comes as the government continues to face criticism over poor management of legacy infrastructure.
'/..;/' Strikes AgainA security vulnerability in Fortra's GoAnywhere managed file transfer software can allow unauthorized users to create a new admin user. The vulnerability is a remotely exploitable authentication bypass flaw. Hackers have targeted file transfer software over the past year, including GoAnywhere MFT.
An emerging actor is the latest to deploy a tactic that terminates AV processes and services before deploying its payload; the campaign is part of a bigger "bring your own vulnerable driver" trend.
Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month. [...]
Ancient path traversal exploit offers remote attackers admin access Security experts are wasting no time in publishing working exploits for a critical vulnerability in Fortra GoAnywhere MFT, which was publicly disclosed just over a day ago.…
The ransomware group known as Kasseika has become the latest to leverage the Bring Your Own Vulnerable Driver (BYOVD) attack to disarm security-related processes on compromised Windows hosts, joining the likes of other groups like Akira, AvosLocker, BlackByte, and RobbinHood
Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal. [...]
A recently uncovered ransomware operation named 'Kasseika' has joined the club of threat actors that employs Bring Your Own Vulnerable Driver (BYOVD) tactics to disable antivirus software before encrypting files. [...]
Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows an attacker to create a new admin user. [...]
Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public disclosure
If you're still running a vulnerable instance then 'assume a breach' More than 600 IP addresses are launching thousands of exploit attempts against CVE-2023-22527 – a critical bug in out–of-date versions of Atlassian Confluence Data Center and Server – according to non-profit security org Shadowserver.…
Thousands of vulnerable servers may be open to cyberattacks exploiting the max-severity CVE-2023-46604 bug.
Apple released security updates to address this year's first zero-day vulnerability exploited in attacks that could impact iPhones, Macs, and Apple TVs. [...]
Ivanti warned admins to stop pushing new device configurations to appliances after applying mitigations because this will leave them vulnerable to ongoing attacks exploiting two zero-day vulnerabilities. [...]
Several public and popular libraries abandoned but still used in Java and Android applications have been found susceptible to a new software supply chain attack method called MavenGate