fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Cisco Bug Gives Remote Attackers Root Privileges via Debug Mode

Cisco Bug Gives Remote Attackers Root Privileges via Debug Mode

Cisco has fixed a critical security flaw discovered in the Cisco Redundancy Configuration Manager (RCM) for Cisco StarOS Software during internal security testing.

The vulnerability, tracked as CVE-2022-20649, enables unauthenticated attackers to gain remote code execution (RCE) with root-level privileges on devices running the vulnerable software.

Also Read: The Top 4W’s of Ethical Hacking

“A vulnerability in Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform remote code execution on the application with root-level privileges in the context of the configured container,” Cisco said.

As the company further explains, the vulnerability exists due to the debug mode being incorrectly enabled for specific services.

“An attacker could exploit this vulnerability by connecting to the device and navigating to the service with debug mode enabled. A successful exploit could allow the attacker to execute arbitrary commands as the root user,” Cisco added.

However, for unauthenticated access to devices running unpatched software, the attackers would first need to perform detailed reconnaissance to discover the vulnerable services.

No in-the-wild exploitation

Cisco’s Product Security Incident Response Team (PSIRT) said that the company is not aware of exploitation of this vulnerability in ongoing attacks.

Also Read: What is Social Engineering and How Does it Work?

Today, Cisco also fixed a medium severity information disclosure bug (CVE-2022-20648) in the Cisco RCM for Cisco StarOS caused by a debug service incorrectly listening to and accepting incoming connections.

Remote attackers could exploit this second bug by executing debug commands after connecting to the debug port. Successful exploitation could allow them to access sensitive debugging information on the vulnerable device.

The company has released Cisco RCM for StarOS 21.25.4, which comes with security updates to address these flaws and is available through the Software Center on Cisco.com.

Last year, Cisco patched several other vulnerabilities that allow threat actors to execute code and commands remotely with root privileges.

For instance, it addressed critical pre-authentication RCE flaw impacting SD-WAN vManage that could enable threat actors to get root privileges on the underlying OS in May. Another pre-auth bug in the same software, allowing attackers to gain RCE as root, was fixed in April.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us