Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

CVE-2017-3792 – Cisco TelePresence MCU affected by a Remote Code Execution issue

A critical flaw tracked as CVE-2017-3792 affects three different models of the CISCO TelePresence MCU platform, MCU 5300 Series, MSE 8510 and MCU 4500. A critical vulnerability tracked as CVE-2017-3792 affects three different models of the CISCO TelePresence MCU platform. Cisco TelePresence MCU platform is a high-definition multimedia conferencing bridge that is widely adopted due to its […]

CVE-2017-3792 – Cisco TelePresence MCU affected by a Remote Code Execution issue

A critical flaw tracked as CVE-2017-3792 affects three different models of the CISCO TelePresence MCU platform, MCU 5300 Series, MSE 8510
and MCU 4500.

A critical vulnerability tracked as CVE-2017-3792 affects three different models of the CISCO TelePresence MCU platform.

Cisco TelePresence MCU platform is a high-definition multimedia conferencing bridge that is widely adopted due to its ability to work with endpoint systems of the many vendors.

The flaw could be exploited by attackers to remotely execute code on the affected systems or to trigger a denial-of-service (DoS) condition. The flaw was discovered during the resolution of a support case.

The vulnerability affects a proprietary device driver in the kernel of the Cisco TelePresence Multipoint Control Unit (MCU) Software running on platform models 4500, MSE 8510 and 5300 Series.

An attacker could exploit the flaw to trigger a buffer overflow and execute an arbitrary code or cause a DoS condition on the vulnerable system.

“A vulnerability in a proprietary device driver in the kernel of Cisco TelePresence Multipoint Control Unit (MCU) Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.” reads the Cisco security bulletin

“The vulnerability is due to improper size validation when reassembling fragmented IPv4 or IPv6 packets. An attacker could exploit this vulnerability by sending crafted IPv4 or IPv6 fragments to a port receiving content in Passthrough content mode. An exploit could allow the attacker to overflow a buffer. If successful, the attacker could execute arbitrary code or cause a DoS condition on the affected system.”

Systems running software version 4.3(1.68) or later configured for “Passthrough” content mode are affected by the flaw.

Cisco issued two security updates for MSE 8510 and 5300 Series users, the Cisco TelePresence MCU 4500 platform will not be fixed because it has reached the end-of-software on July 9, 2016.

Cisco confirmed that there are no workarounds to fix the flaw. In order to prevent exploitation of this vulnerability, the company suggests configuring the CISCO TelePresence MCU Software to use Transcoded content mode instead of Passthrough content mode.

[adrotate banner=”9″]

Pierluigi Paganini

(Security Affairs – Cisco TelePresence MCU, CVE-2017-3792)