HomeTechnologyNewsCisco fixes NFVIS bugs that help get root and hijack hosts

Cisco fixes NFVIS bugs that help get root and hijack hosts

- Advertisement -
- Advertisement -
- Advertisement -
- Advertisement -

[ad_1]

Cisco has addressed several security flaws found in Enterprise NFV Infrastructure Software (NFVIS), a solution that helps virtualize network services to make managing virtual network functions (VNFs) easier.

Two of them, rated critical and high severity, can be exploited by attackers to execute commands with root privileges or to escape the guest virtual machine (VM) and fully compromise NFVIS hosts.

Cisco’s Product Security Incident Response Team (PSIRT) says there is no proof-of-concept exploit code or ongoing exploit in the wild.

Root access to NFVIS hosts

One of them, a critical guest leak tracked as CVE-2022-20777, was found in the Cisco Enterprise NFVIS Next Generation Input/Output (NGIO) feature.

CVE-2022-20777 is caused by insufficient guest restrictions and allows authenticated attackers to escape the guest virtual machine and gain root-level access to the host in low-complexity attacks without requiring user interaction.

“An attacker could exploit this vulnerability by sending an API call from a virtual machine that will run with root-level privileges on the NFVIS host. A successful exploit could allow the attacker to fully compromise the NFVIS host,” Cisco explained.

The second (logged in as CVE-2022-20779) is a high severity command injection vulnerability in the Cisco Enterprise NFVIS image registration process due to incorrect input validation.

Unauthenticated attackers can remotely exploit it to inject commands that run with root privileges on the host during the image registration process in low complexity attacks that require interaction.

“An attacker could exploit this vulnerability by persuading an administrator on the host machine to install a VM image with crafted metadata that will run commands with root-level privileges during the VM registration process,” Cisco added.

“A successful exploit could allow the attacker to inject commands with root-level privileges into the NFVIS host.”

The company has released security updates to fix these flaws and said there are no fixes to address the vulnerabilities.

Cisco Enterprise NFVIS Released first fixed version
Before 4.0 Migrate to a fixed version.
4.0 4.7.1

Last month, Cisco also fixed a bug in the Cisco Umbrella Virtual Appliance (VA) that allowed unauthenticated attackers to steal administrator credentials remotely.

A week earlier, the company asked customers to apply security updates to patch a maximum severity vulnerability in the Wireless LAN Controller (WLC) software that allowed hackers to create their own login credentials.

[ad_2]

- Advertisement -
- Advertisement -
Must Read
- Advertisement -
Related News
- Advertisement -