Vulnerabilities

CVE-2023-27532 Veeam remote credential theft and RCE vulnerability & Patches released for Cisco IOS/IOS XE Software

Additional details are noted below on patches released today for Cisco IOS and IOS XE Software.

If your organization does not use these products, please disregard this message.

CVE-2023-27532: Veeam Backup & Replication Credential Theft Vulnerability

CVSSv3: 7.5

Veeam has released a patch to address a vulnerability in its Backup & Replication component. An unauthenticated attacker may exploit it remotely to obtain the encrypted credentials stored in the configuration database, gain access to hosts and devices served by the Veeam Backup Server, and ultimately achieve remote code execution (RCE) on the host.

An attacker may exploit this by interrogating the local API, which listens by default on TCP port 9401.

A proof of concept (PoC) for this vulnerability is publicly available, and there is a high likelihood that threat actors will soon leverage it against organizations using this product.

Mitigation:

https://www.veeam.com/kb4424
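As an added example (not part of this advisory or of Veeam's guidance): a defender-side triage of firewall flow records that summarises TCP 9401 connections from hosts other than the expected backup infrastructure, so you can see whether the Veeam API is reachable from outside that set after applying the mitigation. The addresses, internal prefix, allow-list and log line format below are constructed for the example.

```python
import ipaddress

# Constructed values for this example (not from the advisory): the internal
# prefix and the hosts expected to talk to the Veeam Backup Service API on
# TCP 9401 (backup console, proxies and similar components).
VEEAM_API_PORT = 9401
INTERNAL_NETS = [ipaddress.ip_network("10.20.0.0/16")]
ALLOWED_SOURCES = {"10.20.0.11", "10.20.0.12"}
# Constructed firewall flow records: "<timestamp> <src> <dst> <proto> <dport> <action>"
SAMPLE_FLOWS = [
    "2023-03-08T10:01:02Z 10.20.0.11 10.20.0.5 TCP 9401 ALLOW",
    "2023-03-08T10:01:09Z 10.20.0.12 10.20.0.5 TCP 9401 ALLOW",
    "2023-03-08T10:03:44Z 198.51.100.23 10.20.0.5 TCP 9401 ALLOW",
    "2023-03-08T10:03:45Z 198.51.100.23 10.20.0.5 TCP 9401 ALLOW",
    "2023-03-08T10:04:00Z 10.20.0.77 10.20.0.5 TCP 443 ALLOW",
    "2023-03-08T10:05:10Z 10.20.0.77 10.20.0.5 TCP 9401 DENY",
]

def parse_flow(line):
    """Split one flow record into a dict; the port is returned as an int."""
    ts, src, dst, proto, dport, action = line.split()
    return {"ts": ts, "src": src, "dst": dst, "proto": proto,
            "dport": int(dport), "action": action}

def is_external(addr):
    """True when the address lies outside every internal prefix."""
    ip = ipaddress.ip_address(addr)
    return not any(ip in net for net in INTERNAL_NETS)

def triage_veeam_api_flows(lines, allowed=ALLOWED_SOURCES):
    """Summarise TCP 9401 traffic from sources not on the allow-list.
    accepted > 0 means the source actually reached the API, so the port is
    not restricted to the expected backup infrastructure; DENY still counts."""
    findings = {}
    for line in filter(str.strip, lines):
        rec = parse_flow(line)
        if rec["proto"] != "TCP" or rec["dport"] != VEEAM_API_PORT:
            continue
        if rec["src"] in allowed:
            continue
        f = findings.setdefault(rec["src"], {"attempts": 0, "accepted": 0,
                                             "external": is_external(rec["src"])})
        f["attempts"] += 1
        if rec["action"] == "ALLOW":
            f["accepted"] += 1
    return findings

if __name__ == "__main__":
    print(triage_veeam_api_flows(SAMPLE_FLOWS))
```

Any source with accepted > 0 that you did not expect is a host that can still reach the API and should be reviewed against the firewall rules from the Veeam KB above.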

Additional Resources:

https://www.bleepingcomputer.com/news/security/exploit-released-for-veeam-bug-allowing-cleartext-credential-theft/

Cisco Security Advisory: Cisco IOS & IOS XE Software

As we were sending this out, we also noted that Cisco released patches for their IOS and IOS XE Software. These patches address the vulnerabilities indicated below. Additional information may be found at: https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-74842

Cisco Security Advisory | CVE ID | Security Impact Rating | CVSS Base Score
--- | --- | --- | ---
Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability | CVE-2023-20080 | High | 8.6
Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability | CVE-2023-20072 | High | 8.6
Cisco IOS XE Software Virtual Fragmentation Reassembly Denial of Service Vulnerability | CVE-2023-20027 | High | 8.6
Cisco IOS XE SD-WAN Software Command Injection Vulnerability | CVE-2023-20035 | High | 7.8
Cisco IOS XE Software IOx Application Hosting Environment Privilege Escalation Vulnerability | CVE-2023-20065 | High | 7.8
Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability | CVE-2023-20067 | High | 7.4
Cisco Adaptive Security Appliance Software, Firepower Threat Defense Software, IOS Software, and IOS XE Software IPv6 DHCP (DHCPv6) Client Denial of Service Vulnerability | CVE-2023-20081 | Medium | 6.8
Cisco IOS XE Software for Wireless LAN Controllers CAPWAP Join Denial of Service Vulnerability | CVE-2023-20100 | Medium | 6.8
Cisco IOS XE Software Web UI Path Traversal Vulnerability | CVE-2023-20066 | Medium | 6.5
Cisco IOS XE Software Privilege Escalation Vulnerability | CVE-2023-20029 | Medium | 4.4