New Delhi, May 19 (SocialNews.XYZ) The Indian Computer Emergency Response Team (CERT-In), which comes under the Ministry of Electronics & Information Technology, has issued an advisory over two serious vulnerabilities in networking giant Cisco products that could allow attackers to elevate privileges to root on the underlying operating system.
The vulnerabilities reported in the company's product 'ConfD CLI' could allow the authenticated, low-privileged, local attacker "to read and write arbitrary files as root or elevate privileges to root on the underlying operating system", CERT-In said in its latest advisory.
The 'Arbitrary File Read and Write Vulnerability' exists in ConfD CLI due to improper authorisation enforcement when specific CLI commands are used.
"An attacker could exploit this vulnerability by executing an affected CLI command with crafted arguments," the cyber agency said.
It also mentioned that the successful exploitation of this vulnerability could allow "the attacker to read or write arbitrary files on the underlying operating system with the privileges of the root user".
The second vulnerability 'Privilege Escalation' exists in the affected product due to an incorrect privilege assignment when specific CLI commands are used.
According to the cyber agency, an attacker could exploit this vulnerability by executing an affected CLI command. In addition, CERT-In advised users to apply appropriate updates as released by Cisco.
Source: IANS
Gopi Adusumilli is a Programmer. He is the editor of SocialNews.XYZ and President of AGK Fire Inc.
He enjoys designing websites, developing mobile applications and publishing news articles on current events from various authenticated news sources.
When it comes to writing he likes to write about current world politics and Indian Movies. His future plans include developing SocialNews.XYZ into a News website that has no bias or judgment towards any.
He can be reached at gopi@socialnews.xyz
This website uses cookies.