Newsspecng

Access Exposure to Vulnerabilities in Cisco Products – NCC-CSIRT

Releated Post

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has advised users of Cisco Products to frequently review alerts that will enable them assess exposure and find a comprehensive update solution.

The CSIRT is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large.

This was issued in an advisory, signed by the NCC Director of Public affairs, Reuben Muoka that reached NewsSpecng on Friday.

The advisory, which also recommended using the appropriate software updates that are accessible from the vendor website, followed the identification of multiple vulnerabilities in Cisco Products, especially the Cisco AnyConnect Secure Mobility Client for Windows, which enables employees to access company servers from anywhere without compromising security.

The two vulnerabilities made it possible for a remote attacker exploit to trigger remote code execution and data manipulation on the targeted system.

According to the advisory, “The weaknesses in the product include uncontrolled search path and Dynamic Link Library (DLL) hijacking vulnerabilities. The uncontrolled search path vulnerability results from incorrect handling of directory paths. A directory path is a string of characters used to uniquely identify a location in a folder structure.

“This flaw could be exploited by an attacker by generating a malicious file and copying it to a system directory (folder). An exploit could enable the attacker to copy malicious files with system-level privileges to any location. The attacker needs legitimate Windows system credentials to exploit this vulnerability.

“Moreover, to exploit the DLL hijacking vulnerability, the attacker would also need to have valid credentials on the Windows system. The vulnerability was caused by the device’s inadequate run-time resource validation. By sending the AnyConnect process a specially designed IPC message, an attacker might take advantage of this vulnerability.”

The advisory rated the vulnerability high in impact and probability.

Leave a Reply

Your email address will not be published. Required fields are marked *

More Related Posts

Thanks for subscribing to our newsletter