Cisco released a patch for multiple vulnerabilities that would allow remote attackers to takeover infected devices. The updates address vulnerabilities affecting several Cisco products: its unified computing system (UCS), modular encoding platform, and Firepower 9000 series.
The UCS manager and Firepower 9000 series vulnerabilities (bug IDs CSCur90888 and CSCux10615) were discovered by Jens Krabbenhoeft. The flaw could allow unauthenticated, remote attackers to execute arbitrary commands on the devices. The malicious code could be executed by an attacker sending specially crafted HTTP requests to the affected system.
The modular encoding platform D9036 contains a vulnerability in which the superuser's credentials are static and hard-coded, and cannot be changed without impeding the functionality of the multi-format encoding appliance. The bug was discovered by the equipment maker during support calls. The root account password is publicly known. The patch will not change the hard-coded password, but once updated, administrators can manually change the password.
Workarounds are not available for the vulnerabilities, the company said.
This week, the San Jose, California-headquartered equipment manufacturer released its annual security report, in which it stated that time to detection decreased to about 17 hours this year.
“Time to detection will continue to vary as the cat and mouse game plays out between attackers and defenders,” wrote Fred Kost, SVP at HyTrust, in an email obtained by SCMagazine.com. “Part of the challenge for enterprises is the improving ability of attackers to remain covert once they gain access to the network and servers, driving the need to have better segmentation and controls on what privileges users have, especially as virtualization and cloud makes access to a greater number of systems more likely.”