CISCO NFV Zero-day Vulnerability

Cisco has released software updates that address the Enterprise Network Function Virtualization Infrastructure Software (NFVIS) vulnerabilities.

The recently released security updates address three vulnerabilities that affect Cisco Enterprise NFVIS in the default configuration.

Among these three vulnerabilities, two flaws are rated critical, and one is rated high severity.

An attacker can exploit these vulnerabilities to run arbitrary commands with root privileges, or even escape the guest VM and fully take over the NFVIS host. They are:

CVE-2022-20777

A vulnerability in the Next Generation Input/Output (NGIO) feature of Cisco Enterprise NFVIS could allow an authenticated, remote attacker to escape from the guest VM to gain unauthorized root-level access on the NFVIS host.

This vulnerability is due to insufficient guest restrictions. An attacker could exploit this vulnerability by sending an API call from a VM that will execute with root-level privileges on the NFVIS host.

A successful exploit could allow the attacker to compromise the NFVIS host completely.

  • Security Impact Rating (SIR): Critical
  • CVSS Base Score: 9.9

CVE-2022-20779

A vulnerability in the image registration process of Cisco Enterprise NFVIS could allow an unauthenticated, remote attacker to inject commands that execute at the root level on the NFVIS host during the image registration process.

This vulnerability is due to improper input validation. An attacker could exploit this vulnerability by persuading an administrator on the host machine to install a VM image with crafted metadata that will execute commands with root-level privileges during the VM registration process.

A successful exploit could allow the attacker to inject commands with root-level privileges into the NFVIS host.

  • Security Impact Rating (SIR): High
  • CVSS Base Score: 8.8

CVE-2022-20780

A vulnerability in the import function of Cisco Enterprise NFVIS could allow an unauthenticated, remote attacker to leak system data from the host to any configured VM.

This vulnerability is due to the resolution of external entities in the XML parser. An attacker could exploit this vulnerability by persuading an administrator to import a crafted file that will read data from the host and write it to any configured VM.

A successful exploit could allow the attacker to access system information from the host, such as files containing user data, on any configured VM.

  • Security Impact Rating (SIR): High
  • CVSS Base Score: 7.4
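The root cause described for CVE-2022-20780, an XML parser that resolves external entities, can be closed off by refusing DOCTYPE and entity declarations before a file reaches the real parser. The following is an added example, not code from Cisco or from the original article; the function names and the sample documents (including the `vm`/`name` elements and the placeholder file path) are constructed for illustration and do not reflect the actual NFVIS import format.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat

# Constructed samples; the element names are illustrative, not the NFVIS format.
CLEAN = b"<vm><name>router-1</name></vm>"
CRAFTED = (
    b'<!DOCTYPE vm [<!ENTITY leak SYSTEM "file:///placeholder/host-file">]>'
    b"<vm><name>&leak;</name></vm>"
)


class RejectedXML(ValueError):
    """The file declares a DTD or an entity and must not be imported."""


def _refuse(reason):
    # Build an expat callback that aborts parsing with a clear reason.
    def handler(*_args):
        raise RejectedXML(reason)
    return handler


def vet_import_xml(data: bytes, allow_dtd: bool = False) -> ET.Element:
    """Return the parsed root only if the file declares no entities.

    allow_dtd=False (default) refuses any DOCTYPE. allow_dtd=True lets a
    bare DOCTYPE through but still refuses every entity declaration.
    """
    gate = expat.ParserCreate()
    if not allow_dtd:
        gate.StartDoctypeDeclHandler = _refuse("DOCTYPE declaration")
    gate.EntityDeclHandler = _refuse("entity declaration")
    gate.ExternalEntityRefHandler = _refuse("external entity reference")
    try:
        # First pass: expat only calls the handlers, it fetches nothing itself.
        gate.Parse(data, True)
    except expat.ExpatError as exc:
        raise RejectedXML(f"not well-formed: {exc}") from exc
    return ET.fromstring(data)  # second pass: only vetted input gets here


if __name__ == "__main__":
    for label, doc in (("clean", CLEAN), ("crafted", CRAFTED)):
        try:
            print(label, "accepted:", vet_import_xml(doc).tag)
        except RejectedXML as err:
            print(label, "rejected:", err)
```
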

CONCLUSION

The vulnerabilities are not dependent on one another. Exploitation of one of the vulnerabilities is not required to exploit another vulnerability.

In addition, a software release affected by one of the vulnerabilities may not be affected by the other vulnerabilities.

Currently, there is no workaround available for these flaws, which means applying the security updates released by the company is a must.

About the Author:

FirstHackersNews- Identifies Security
