The Register: Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug

Jan 23, 2025

—

Source URL: https://www.theregister.com/2025/01/23/cisco_fixes_critical_bug/
Source: The Register
Title: Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug

Feedly Summary: No in-the-wild exploits … yet
Cisco has pushed a patch for a critical, 9.9-rated vulnerability in its Meeting Management tool that could allow a remote, authenticated attacker with low privileges to escalate to administrator on affected devices.…

AI Summary and Description: Yes

Summary: Cisco has released a critical patch for a high-severity vulnerability (CVE-2025-20156) in its Meeting Management software that poses a significant security risk by allowing low-privileged users to escalate their permissions to admin status. The flaw’s easy exploitation via API requests highlights the urgent need for users to update their systems to mitigate potential attacks.

Detailed Description:
The critical vulnerability in Cisco’s Meeting Management tool is a pressing concern for organizations using this system, particularly given the prevalence of remote work and digital communications. The details regarding the vulnerability and its implications are as follows:

– **Vulnerability Rating:** The vulnerability is rated 9.9 on the CVSS scale, indicating a critical level of severity.
– **Exploitation Method:** Attackers could exploit this flaw by sending crafted API requests to a specific endpoint, potentially allowing them admin-level access to system components.
– **Affected Versions:** Most releases of Cisco Meeting Management are susceptible to this vulnerability, regardless of device configuration.
– **Absence of Workaround:** There is currently no workaround available for this issue, which increases its risk profile.
– **Recommended Action:** Users should immediately apply the software update to patch the vulnerability. For Cisco Meeting Management version 3.8 and earlier, users need to migrate to a newer supported version (at least 3.9.1), as version 3.10 is not affected.
– **Potential Risks:** Although Cisco has reported no known in-the-wild exploits, the easy exploitability combined with the critical nature of the vulnerability suggests that it may soon attract malicious attention or the development of a Proof-of-Concept exploit.

This incident emphasizes the importance of regular patch management and security updates in software, especially in the context of tools that support remote collaboration and communication. Organizations must remain vigilant and responsive to such vulnerabilities to protect sensitive data and maintain operational integrity.

01 1 2 3 5 a access Act AI and API art as attack attackers attacks Bug by C CIA Cisco collaboration communication Communications. concept concept exploit Configuration Context critical critical vulnerability Current CVE D data de development digital digital communication e end endpoint exp exploit exploitability Exploitation exploits for g Gen GIS git high Highlight http HTTPS implications in incident integrity k l Labor law least led low management media Meeting Management mini mission NIST no o of on one operation operational integrity organization organizations Patch Patch Management permissions point pre proof proof-of-concept proof-of-concept exploit R rate RCE release releases remote work report Risk risks Ro s Scale sec security security risk security update security updates sensitive data severity Sig software software update source system systems T Tails text the to tool tools Tor TP up update updates US use user uth V val version vulnerabilities vulnerability Wi x