Cisco has addressed critical several security issues, one with a severity rating of 9.9/10. The primary flaw concerns Cisco Jabber software, a web conferencing and instant messaging app that allows users to send messages via Extensible Messaging and Presence Protocol (XMPP). The vulnerability was reported by Olav Sortland Thoresen of Watchcom. Cisco’s Product Security Incident Response Team (PSIRT) says that the flaw is not known to be currently exploited in the wild. The security flaw tracked as CVE-2021-1411 and rated by Cisco with a 9.9/10 severity score, and it is caused by improper input validation of incoming messages’ contents. To exploit this flaw, the attacker would have to be authenticated to an XMPP server and use the vulnerable server to send malicious XMPP messages. This vulnerability does not affect Cisco Jabber client software configured for Team Messaging or Phone-only modes. “A successful exploit could allow the attacker to cause the application to execute arbitrary programs on the targeted system with the privileges of the user account that is running the Cisco Jabber client software, which could result in arbitrary code execution,” Cisco’s advisory explains. Four other bugs were patched that could enable remote attackers to execute arbitrary programs, gain access to sensitive information, and trigger denial-of-service states after exploiting them on devices running unpatched software.
Written by: Nataliia Zdrok, Threat Intelligence Analyst at Binary Defense Russia’s invasion of Ukraine increased