Critical Cisco Jabber Bug Could Let Attackers Hack Remote Systems

Cisco on Wednesday introduced computer software updates to address multiple vulnerabilities affecting its Jabber messaging clientele across Windows, macOS, Android, and iOS.

Productive exploitation of the flaws could permit an “attacker to execute arbitrary packages on the fundamental working system with elevated privileges, obtain delicate details, intercept safeguarded community targeted traffic, or induce a denial of provider (DoS) condition,” the networking major said in an advisory.

The troubles worry a total of 5 stability vulnerabilities, a few of which (CVE-2021-1411, CVE-2021-1417, and CVE-2021-1418) had been noted to the corporation by Olav Sortland Thoresen of Watchcom, with two other people (CVE-2021-1469 and CVE-2021-1471) uncovered for the duration of internal safety tests.

Cisco notes that the flaws are not dependent on one particular one more, and that exploitation of any a single of the vulnerabilities does not hinge on the exploitation of another. But in buy to do this, an attacker requirements to be authenticated to an Extensible Messaging and Presence Protocol (XMPP) server functioning the susceptible program, as effectively as be ready to ship XMPP messages.

CVE-2021-1411, which considerations an arbitrary method execution vulnerability in its Windows app, is also the most vital, with a CVSS rating of 9.9 out of a utmost of 10. According to Cisco, the flaw is because of to poor validation of concept content material, therefore making it achievable for an attacker to send out specifically-crafted XMPP messages to the susceptible consumer and execute arbitrary code with the exact same privileges as that of the user account working the program.

Apart from CVE-2021-1411, four other Jabber flaws have also been fastened by Cisco, counting —

  • CVE-2021-1469 (Windows) – An concern with improper validation of message information that could consequence in arbitrary code execution.
  • CVE-2021-1417 (Home windows) – A failure to validate message information that could be leveraged to leak sensitive information and facts, which can then gas even more attacks.
  • CVE-2021-1471 (Windows, macOS, Android, iOS) – A certificate validation vulnerability that could be abused to intercept community requests and even modify connections amongst the Jabber consumer and a server
  • CVE-2021-1418 (Home windows, macOS, Android, iOS) – An problem arising from improper validation of information material that could be exploited by sending crafted XMPP messages to lead to a denial-of-company (DoS) ailment.

This is much from the very first time Norwegian cybersecurity company Watchcom has uncovered flaws in Jabber clients. In September 2020, Cisco fixed 4 flaws in its Windows application that could permit an authenticated, distant attacker to execute arbitrary code. But just after a few of the 4 vulnerabilities were not “adequately mitigated,” the company finished up releasing the next round of patches in December.

In addition to the take care of for Jabber, Cisco has also revealed 37 other advisories that go into detail about security updates for a amount of medium and higher severity safety issues influencing many Cisco products.

Fibo Quantum