Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug
(2025/01/23)
- Reference: 1737666008
- News link: https://www.theregister.co.uk/2025/01/23/cisco_fixes_critical_bug/
- Source link:
Cisco has pushed a patch for a critical, 9.9-rated vulnerability in its Meeting Management tool that could allow a remote, authenticated attacker with low privileges to escalate to administrator on affected devices.
Cisco Meeting Management is the management software for the tech giant's on-premises video meeting platform.
The flaw, tracked as [1]CVE-2025-20156 , exists due to a failure to enforce proper authorization for REST API users, and it's pretty easy to exploit.
[2]
"An attacker could exploit this vulnerability by sending API requests to a specific endpoint," and this could allow admin-level access over edge nodes, which are components of Cisco's video conferencing infrastructure managed by this tool, the biz warned in a Wednesday security alert.
[3]SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix
[4]Asus lets processor security fix slip out early, AMD confirms patch in progress
[5]Oracle emits 603 patches, names one it wants you to worry about soon
[6]Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch
The vulnerability affects most Cisco Meeting Management releases, regardless of device configuration, and there is no workaround at the time. There is a fix, however, so we'd suggest installing the software update that patches this hole ASAP.
For anyone using Cisco Meeting Management 3.8 and earlier: the fix involves migrating to a supported version. Release 3.9 should upgrade to version 3.9.1, and 3.10 is not affected by the vulnerability.
[7]
While the networking giant isn't aware of any in-the-wild exploits of this flaw, it's probably just a matter of time until that happens, or a Proof-of-Concept (PoC) exploit surfaces. So, get patching.
Cisco credited Modux bug hunter Ben Leonard-Lagarde with initially disclosing this vulnerability. ®
Get our [8]Tech Resources
[1] https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/patches&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Z5LKB-8-7pcEO11KTVXShQAAAIE&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[3] https://www.theregister.com/2025/01/23/sonicwall_critical_bug/
[4] https://www.theregister.com/2025/01/23/asus_amd_processor_fix/
[5] https://www.theregister.com/2025/01/23/oracle_patch_linux/
[6] https://www.theregister.com/2025/01/22/windows_server_numa_glitch/
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/patches&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z5LKB-8-7pcEO11KTVXShQAAAIE&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[8] https://whitepapers.theregister.com/
Cisco Meeting Management is the management software for the tech giant's on-premises video meeting platform.
The flaw, tracked as [1]CVE-2025-20156 , exists due to a failure to enforce proper authorization for REST API users, and it's pretty easy to exploit.
[2]
"An attacker could exploit this vulnerability by sending API requests to a specific endpoint," and this could allow admin-level access over edge nodes, which are components of Cisco's video conferencing infrastructure managed by this tool, the biz warned in a Wednesday security alert.
[3]SonicWall flags critical bug likely exploited as zero-day, rolls out hotfix
[4]Asus lets processor security fix slip out early, AMD confirms patch in progress
[5]Oracle emits 603 patches, names one it wants you to worry about soon
[6]Microsoft issues out-of-band fix for Windows Server 2022 NUMA glitch
The vulnerability affects most Cisco Meeting Management releases, regardless of device configuration, and there is no workaround at the time. There is a fix, however, so we'd suggest installing the software update that patches this hole ASAP.
For anyone using Cisco Meeting Management 3.8 and earlier: the fix involves migrating to a supported version. Release 3.9 should upgrade to version 3.9.1, and 3.10 is not affected by the vulnerability.
[7]
While the networking giant isn't aware of any in-the-wild exploits of this flaw, it's probably just a matter of time until that happens, or a Proof-of-Concept (PoC) exploit surfaces. So, get patching.
Cisco credited Modux bug hunter Ben Leonard-Lagarde with initially disclosing this vulnerability. ®
Get our [8]Tech Resources
[1] https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc
[2] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/patches&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=2&c=2Z5LKB-8-7pcEO11KTVXShQAAAIE&t=ct%3Dns%26unitnum%3D2%26raptor%3Dcondor%26pos%3Dtop%26test%3D0
[3] https://www.theregister.com/2025/01/23/sonicwall_critical_bug/
[4] https://www.theregister.com/2025/01/23/asus_amd_processor_fix/
[5] https://www.theregister.com/2025/01/23/oracle_patch_linux/
[6] https://www.theregister.com/2025/01/22/windows_server_numa_glitch/
[7] https://pubads.g.doubleclick.net/gampad/jump?co=1&iu=/6978/reg_security/patches&sz=300x50%7C300x100%7C300x250%7C300x251%7C300x252%7C300x600%7C300x601&tile=4&c=44Z5LKB-8-7pcEO11KTVXShQAAAIE&t=ct%3Dns%26unitnum%3D4%26raptor%3Dfalcon%26pos%3Dmid%26test%3D0
[8] https://whitepapers.theregister.com/