Last Updated on 23/01/2022 by Nidhi Khandelwal
Cisco Systems has released patches for a significant security hole in Cisco StarOS Software’s Redundancy Configuration Manager (RCM) that could allow an unauthenticated, remote attacker to execute arbitrary code and seize control of susceptible workstations.
The vulnerability, which has been assigned the number CVE-2022-20649 (CVSS: 9.0), originates from the fact that the debug mode for specified services has been inadvertently enabled.
In a security alert, Cisco stated, “An attacker might exploit this vulnerability by connecting to the device and browsing to the service with debug mode enabled.” “If the exploit is effective, the attacker will be able to run arbitrary commands as the root user.”
The network equipment maker, however, noted that the adversary would need to perform detailed reconnaissance to allow for unauthenticated access to vulnerable devices.
Cisco said the flaw was identified during internal security testing and that no evidence of active exploitation in malicious attacks was detected.
“An attacker might exploit this vulnerability by inserting commands into this process during execution,” the report stated. “With the privileges of the management framework, a successful exploit might allow the attacker to run arbitrary commands on the underlying operating system.”
