Security alert addresses critical bug in Cisco Voice Operating System

Critical flaws with Cisco products are nothing new, but the one thing that the company can be commended for is its promptness in dealing with these flaws. This fact is important to note, as Cisco has recently released a security advisory detailing a vulnerability in its products that utilize the Cisco Voice Operating System.

As stated in the security report, the vulnerability CVE-2017-12337 is rated “critical,” earning a 9.8 on the Common Vulnerability Scoring System, because it allows for hackers to obtain privileged access to a machine running affected products. What makes the threat so dangerous is that attacks can be carried out remotely and without any proper authentication required on the part of the attacker. With the ease of application, the number of systems that can come under attack by a prepared hacker is large, considering the numerous Cisco products affected.

Cisco explains the cause of the exploit as follows:

The vulnerability occurs when a refresh upgrade or Prime Collaboration Deployment (PCD) migration is performed on an affected device. When a refresh upgrade or PCD migration is completed successfully, an engineering flag remains enabled and could allow root access to the device with a known password.

The affected products are the following as stated by Cisco:

  • Cisco Unified Communications Manager (UCM)
  • Cisco Unified Communication Manager Session Management Edition (SME)
  • Cisco Emergency Responder
  • Cisco Unity Connection
  • Cisco Unified Communications Manager IM and Presence Service
  • Cisco Prime License Manager
  • Cisco Hosted Collaboration Mediation Fulfillment
  • Cisco Unified Contact Center Express (UCCx)
  • Cisco SocialMiner
  • Cisco Unified Intelligence Center (UIC)
  • Cisco Finesse
  • Cisco MediaSense

There is no workaround for this exploit in the Cisco Voice Operating System, but the good news is that Cisco has developed updates that remedy the situation. It is highly recommended that you install these updates as soon as possible. The last thing you want is to endanger your business with a hacker gaining privileged access.

Photo credit: Wikimedia

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Published by
Derek Kortepeter

Recent Posts

Hardware RAID vs. software RAID: Pros and cons for each

RAID is a technique to virtualize independent disks into arrays for improved performance. Should you…

4 days ago

After the plague: What IT will look like in a post-COVID-19 world

COVID-19 has changed everything, but once it disappears, we will not go back to how…

4 days ago

Solved: Outlook defaults to Microsoft 365 version with Exchange server

An Exchange server with a hybrid connection to Microsoft 365 is usually pretty seamless —…

4 days ago

How chatbots are changing the way teams communicate internally

Chatots are primarily thought of as consumer-facing solutions. They bring life to customer interactions by…

4 days ago

Hakbit ransomware campaign targeting specific European countries

The newly uncovered Hakbit ransomware campaign spread via spear-phishing emails may indicate a shift in…

5 days ago

Credential stuffing: Everything you need to know to avoid being a victim

Credential stuffing is yet another weapon being used by cybercriminals. Here’s what credential stuffing is…

5 days ago