Cisco Releases Security Updates for Multiple Products

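Risk level: High threat
Summary:

Multiple Cisco products contain security vulnerabilities that a remote attacker can exploit to take control of an affected system.

Affected systems: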
  • IP Conference Phone 7832
  • IP Conference Phone 7832 with Multiplatform Firmware
  • IP Conference Phone 8832
  • IP Conference Phone 8832 with Multiplatform Firmware
  • IP Phone 6821, 6841, 6851, 6861, 6871 with Multiplatform Firmware
  • IP Phone 7811, 7821, 7841, 7861 Desktop Phones
  • IP Phone 7811, 7821, 7841, 7861 Desktop Phones with Multiplatform Firmware
  • IP Phone 8811, 8841, 8851, 8861, 8845, 8865 Desktop Phones
  • IP Phone 8811, 8841, 8851, 8861, 8845, 8865 Desktop Phones with Multiplatform Firmware
  • Unified IP Conference Phone 8831
  • Unified IP Conference Phone 8831 for Third-Party Call Control
  • Wireless IP Phone 8821, 8821-EX
  • Nexus 3000 Series Switches
  • Nexus 5500 Platform Switches
  • Nexus 5600 Platform Switches
  • Nexus 6000 Series Switches
  • Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
  • Nexus 9000 Series Switches in standalone NX-OS mode
  • UCS 6200 Series Fabric Interconnects
  • UCS 6300 Series Fabric Interconnects
  • UCS 6400 Series Fabric Interconnects
  • Video Surveillance 3000 Series IP Cameras
  • Video Surveillance 4000 Series High-Definition IP Cameras
  • Video Surveillance 4300E and 4500E High-Definition IP Cameras
  • Video Surveillance 6000 Series IP Cameras
  • Video Surveillance 7000 Series IP Cameras
  • Video Surveillance PTZ IP Cameras
  • ASR 9000 Series Aggregation Services Routers
  • Carrier Routing System (CRS)
  • IOS XRv 9000 Router
  • Network Convergence System (NCS) 540 Series Routers
  • Network Convergence System (NCS) 560 Series Routers
  • Network Convergence System (NCS) 1000 Series Routers
  • Network Convergence System (NCS) 5000 Series Routers
  • Network Convergence System (NCS) 5500 Series Routers
  • Network Convergence System (NCS) 6000 Series Routers
  • ASR 9000 Series Aggregation Services Routers
  • Carrier Routing System (CRS)
  • Firepower 4100 Series
  • Firepower 9300 Security Appliances
  • IOS XRv 9000 Router
  • MDS 9000 Series Multilayer Switches
  • Network Convergence System (NCS) 540 Series Routers
  • Network Convergence System (NCS) 560 Series Routers
  • Network Convergence System (NCS) 1000 Series
  • Network Convergence System (NCS) 5000 Series
  • Network Convergence System (NCS) 5500 Series
  • Network Convergence System (NCS) 6000 Series
  • Nexus 1000 Virtual Edge for VMware vSphere
  • Nexus 1000V Switch for Microsoft Hyper-V
  • Nexus 1000V Switch for VMware vSphere
  • Nexus 3000 Series Switches
  • Nexus 5500 Platform Switches
  • Nexus 5600 Platform Switches
  • Nexus 6000 Series Switches
  • Nexus 7000 Series Switches
  • Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode
  • Nexus 9000 Series Switches in standalone NX-OS mode
  • UCS 6200 Series Fabric Interconnects
  • UCS 6300 Series Fabric Interconnects
  • UCS 6400 Series Fabric Interconnects
Solution:

Cisco has released updated versions that fix these vulnerabilities. The links to the updates for each product are listed below:

Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability
Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability
Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial of Service Vulnerability
Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability
Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability
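Details:

Cisco IP Phone Cisco Discovery Protocol input validation vulnerability

  • The vulnerability is caused by the network system or product failing to properly validate input data. An attacker can exploit it by sending a crafted CDP packet to a targeted IP phone. A successful exploit could allow the attacker to remotely execute code with root privileges or cause the affected IP phone to reload, resulting in a denial of service (DoS) condition.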

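Cisco NX-OS Software Cisco Discovery Protocol buffer error vulnerability

  • The vulnerability is caused by the network system or product failing to properly perform boundary checks when operating on memory, so that incorrect read and write operations are performed on other, associated memory locations. An attacker can use it to cause a buffer overflow, and can exploit it by sending a malicious CDP packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on the affected device.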

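Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol input validation vulnerability

  • The vulnerability is caused by the network system or product failing to properly validate input data. An attacker can exploit it by sending a malicious CDP packet to a targeted IP camera. A successful exploit could allow the attacker to execute code remotely on the affected IP camera or cause it to reload unexpectedly, resulting in a denial of service (DoS) condition.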

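Cisco IOS XR Cisco Discovery Protocol format string vulnerability

  • The vulnerability arises because, when the network system or product accepts an external format string as a parameter, it does not strictly filter the type and number of the parameters. An attacker can exploit it by sending a malicious CDP packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on the affected device.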

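Cisco FXOS, Cisco IOS XR, and Cisco NX-OS Cisco Discovery Protocol input validation vulnerability

  • The vulnerability is caused by the network system or product failing to properly validate input data, the result of a missing check in the CDP implementation of the affected software. An attacker can exploit it by sending a malicious CDP packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload.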
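
The three weakness classes described above (missing input validation, missing bounds checks, and peer-supplied text used as a format string) can be shown on a strict CDP parser. This is an added example, not Cisco's code and not a reconstruction of the actual flaws. It assumes the publicly documented CDP layout (4-byte header followed by type/length/value fields whose length counts its own 4-byte header), does not verify the checksum, and uses hypothetical function names and constructed sample packets.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define CDP_HDR_LEN   4  /* assumed layout: version(1) TTL(1) checksum(2) */
#define TLV_HDR_LEN   4  /* type(2) length(2); length includes this header */
#define TLV_DEVICE_ID 0x0001
/* Constructed samples: Device-ID "lab-%x"; TLV length 2; TLV length 0xff. */
static const uint8_t PKT_OK[]    = {2,180,0,0, 0,1,0,10, 'l','a','b','-','%','x'};
static const uint8_t PKT_SHORT[] = {2,180,0,0, 0,1,0,2};
static const uint8_t PKT_LONG[]  = {2,180,0,0, 0,1,0,0xff, 'a','b'};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Copy the Device-ID TLV into dev_id; 0 on success, -1 on malformed input. */
int cdp_parse_device_id(const uint8_t *pkt, size_t len, char *dev_id, size_t dev_sz)
{
    size_t off = CDP_HDR_LEN;
    if (!pkt || !dev_id || dev_sz == 0 || len < CDP_HDR_LEN) return -1;
    dev_id[0] = '\0';
    while (off < len) {
        if (len - off < TLV_HDR_LEN) return -1;     /* truncated TLV header */
        uint16_t type = be16(pkt + off);
        size_t tlen = be16(pkt + off + 2);
        if (tlen < TLV_HDR_LEN || tlen > len - off) /* length underflows or */
            return -1;                              /* overruns the packet  */
        if (type == TLV_DEVICE_ID) {
            size_t vlen = tlen - TLV_HDR_LEN;
            if (vlen >= dev_sz) return -1;          /* no room for value + NUL */
            memcpy(dev_id, pkt + off + TLV_HDR_LEN, vlen);
            dev_id[vlen] = '\0';
        }
        off += tlen;                                /* tlen >= 4, so always advances */
    }
    return 0;
}

/* Peer-supplied text is passed as an argument, never as the format string. */
int cdp_log_line(char *out, size_t out_sz, const char *dev_id)
{
    return snprintf(out, out_sz, "CDP neighbor: %s", dev_id);
}

int main(void)
{
    char id[32], line[64];
    if (cdp_parse_device_id(PKT_OK, sizeof PKT_OK, id, sizeof id) == 0 &&
        cdp_log_line(line, sizeof line, id) > 0) puts(line);
    printf("short=%d long=%d\n", cdp_parse_device_id(PKT_SHORT, sizeof PKT_SHORT, id, sizeof id),
           cdp_parse_device_id(PKT_LONG, sizeof PKT_LONG, id, sizeof id));
    return 0;
}
```
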
References:

US-CERT (2020/02/06)
Cisco IP Phone Remote Code Execution and Denial of Service Vulnerability (2020/02/05)
Cisco NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability (2020/01/05)
Cisco Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial of Service Vulnerability (2020/01/05)
Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability (2020/01/05)
Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability (2020/01/05)
