Vulnerability identifier: #VU85776
Vulnerability risk: High
CVSSv3.1: 8.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-502
Exploitation vector: Network
Exploit availability: No
Vulnerable software:
Cisco Packaged Contact Center Enterprise
Client/Desktop applications /
Office applications
Cisco Unified Communications Manager
Server applications /
Other server solutions
Cisco Unified Communications Manager IM & Presence Service
Client/Desktop applications /
Other client software
Cisco Unified Communications Manager Session Management Edition
Server applications /
Remote management servers, RDP, SSH
Cisco Unified Contact Center Enterprise
Server applications /
Conferencing, Collaboration and VoIP solutions
Cisco Unified Contact Center Express
Server applications /
Web servers
Cisco Unity Connection
Client/Desktop applications /
Messaging software
Cisco Virtualized Voice Browser
Client/Desktop applications /
Web browsers
Vendor: Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to insecure input validation when processing serialized data. A remote attacker can send a specially crafted message to a listening port of an affected device and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
Cisco Packaged Contact Center Enterprise: 12.0.0 - 12.5.2
Cisco Unified Communications Manager: 11.5(1) - 14SU4
Cisco Unified Communications Manager IM & Presence Service: 11.0 - 14SU4
Cisco Unified Communications Manager Session Management Edition: 11.0 - 14SU3
Cisco Unified Contact Center Enterprise: 12.0 - 12.5.2
Cisco Unified Contact Center Express: 12.0 - 12.5.1 SU2
Cisco Unity Connection: 12.0 - 14SU3a
Cisco Virtualized Voice Browser: 12.5.0 - 12.5.2
External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-rce-bWNzQcUm
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd64245
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd64276
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwd64292
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe18773
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe18830
http://bst.cloudapps.cisco.com/bugsearch/bug/CSCwe18840
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.