Cisco Reveals VPN Vulnerability, Analysts React
Cisco, one of the leading technology companies, recently revealed that hackers are attempting to exploit a vulnerability in one of its VPN products. While the tech giant published multiple advisories about vulnerabilities, security experts have focused on one in particular, which affects the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software, according to an official update Cisco published on September 27.
This vulnerability, tracked as CVE-2023-20109, could allow attackers to execute arbitrary code and gain control of affected systems or cause them to crash. In response, Cisco has urged users to install the provided patches to mitigate the risk.
The Severity of the Vulnerability
The vulnerability, with a CVSS severity score of 6.6 out of 10, was officially announced by Cisco on September 27. Cisco clarified that the vulnerability can only be exploited if the attacker has previously infiltrated the targeted environment.
This means that the attacker would already need deep access to the organization's systems to exploit the vulnerability.
Cybersecurity experts have indicated that this particular vulnerability is more likely to be used by hackers attempting to escalate their access privileges in an already-compromised system.
The Importance of Installing Patches
Cisco emphasized that there are no workarounds for this vulnerability other than the patches provided by the company. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) also issued a warning, urging companies to promptly install the patches. Analysts urge organizations to take this threat seriously and ensure that their systems are adequately protected.
Expert Opinions on the Vulnerability
Tim Silverline, the vice president of network automation company Gluware, stated that the danger posed by this vulnerability is not substantial, Dark Reading reported. He argued that if a malicious actor already has full access to a target environment, then the organization is already compromised, and this vulnerability is just one of the many ways attackers could move laterally within the system.
Similarly, Callie Guenther from Critical Start compared this vulnerability to someone having keys to a house, indicating that it is not the initial breach but rather a potential way for attackers to further exploit an already-compromised system.
Zero-Day Risks of VPN Vulnerability
The attempted exploitation of a zero-day vulnerability in Cisco's VPN software highlights the constant threat posed by cybercriminals. While this particular vulnerability requires previous infiltration of the environment, organizations must remain vigilant and take the necessary steps to protect their systems.
Installing the patches provided by Cisco is essential to mitigate the risk and ensure the security of sensitive data. By staying proactive and adhering to recommended cybersecurity practices, businesses can minimize the potential for unauthorized access and protect themselves from evolving cyber threats.