Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)

Jan 23, 2025Ravie LakshmananNetwork Security / Risk

Cisco has fixed a critical security flaw that could allow a remote, authenticated attacker to obtain administrator privileges on vulnerable instances.

The vulnerability, tracked as CVE-2025-20156, carries a CVSS score of 9.9 out of 10.0. It has been described as a privilege escalation flaw in Cisco Meeting Management’s REST API.

“This vulnerability exists because REST API users are not subject to proper authorization,” the company said in a Wednesday advisory. An attacker could exploit this vulnerability by sending API requests to a specific endpoint.

A successful exploit could give the attacker administrator-level control over edge nodes managed by Cisco Meeting Management.

The security flaw was reported by Modux’s Ben Leonard-Lagarde. Regardless of device configuration, it affects the following product versions:

  • Cisco Meeting Management release version 3.9 (Patched in 3.9.1)
  • Cisco Meeting Management release versions 3.8 and higher (Migrate to a fixed release)
  • Cisco Meeting Management release version 3.10 (Not vulnerable)

Cisco has also released patches to remediate a denial-of-service (DoS) flaw affecting BroadWorks that stems from improper memory handling for certain Session Initiation Protocol (SIP) requests (CVE-2025-20165, CVSS score: 7.5). The issue has been resolved in version RI.2024.11.

An attacker could exploit this vulnerability by sending a large number of SIP requests to the system, the advisory read.

The attacker may be able to exhaust the memory of the Cisco BroadWorks Network Servers that handle SIP traffic. If no memory is available, the Network Servers can no longer process incoming requests, which creates a DoS condition that requires manual intervention to recover.

A third vulnerability patched by Cisco (CVSS score: 5.3) is an integer underflow bug impacting the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV that could also result in a DoS condition.

The company, which acknowledged Google OSS-Fuzz for reporting the flaw, said it is aware of the existence of proof-of-concept (PoC) exploit code, although there is no evidence it has been maliciously exploited in the wild.

CISA and FBI Detail Ivanti Exploit Chains

News of the Cisco flaws comes as the U.S. government’s cybersecurity and law enforcement agencies have revealed technical details of two exploit chains used by nation-state threat actors to break into Ivanti’s cloud service applications in September 2024.

The flaws are as follows:-

The attack sequences, per the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI), involved the abuse of CVE-2024-8963 in conjunction with CVE-2024-8190 and CVE-2024-9380 in one case, and CVE-2024-8963 and CVE-2024-9379 in the other.

It should be noted that the first exploit chain was made public by Fortinet FortiGuard Labs in October 2024. In at least one instance, the threat actors are alleged to have moved laterally after gaining an initial foothold.

The second exploit chain has been found to use CVE-2024-8963 in combination with CVE-2024-9379 to gain access to the target system, followed by unsuccessful attempts to implant web shells for persistence.

“Threat actors chained the listed vulnerabilities to gain initial access, conduct remote code execution (RCE), obtain credentials, and implant web shells on victim systems,” the agencies said. “Ivanti appliances’ sensitive data and credentials should be regarded as compromised.”
