CISA Warns Of Microsoft Streaming, Cisco NX-OS Vulnerabilities
The Microsoft vulnerability could let an attacker gain system privileges, while the Cisco vulnerabilities could lead to a DoS attack.
The U.S. Cybersecurity and Infrastructure Security Agency has put out warnings over vulnerabilities in Microsoft Streaming and the Cisco NX-OS data center network operating system.
CISA has issued a binding operational directive to federal civilian executive branch agencies to remediate the Microsoft Streaming vulnerability, tracked as CVE-2023-29360, in order to protect their networks against active threats, according to the CISA alert published Thursday.
Although the directive only applies to those agencies, “CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of catalog vulnerabilities as part of their vulnerability management practice,” according to the alert.
Microsoft first published an alert about the vulnerability in June 2023. Exploiting the vulnerability could allow a threat actor to gain system privileges, according to the Redmond, Wash.-based tech giant. The vulnerability affects select Windows Server, Windows 10 and Windows 11 products.
Cisco Vulnerabilities Impact Data Center Software
As for Cisco, CISA published an alert Friday directing security specialists to the vendor’s updates on an NX-OS software vulnerability that could lead to a denial-of-service (DoS) attack.
Cisco’s advisories, published Wednesday, concern its NX-OS operating system for data center fabrics. The vulnerabilities are tracked as CVE-2024-20321 and CVE-2024-20267.
According to the San Jose, Calif.-based networking vendor, one of the vulnerabilities “is due to lack of proper error checking when processing an ingress” multiprotocol label switching (MPLS) frame. An attacker could “cause the netstack process to unexpectedly restart, which could cause the device to stop processing network traffic or to reload.”
In a separate advisory, Cisco warned of a vulnerability in the External Border Gateway Protocol (eBGP) implementation of Cisco NX-OS Software, a vulnerability that could also lead to a DoS attack.
“This vulnerability exists because eBGP traffic is mapped to a shared hardware rate-limiter queue,” according to the Cisco advisory. “An attacker could exploit this vulnerability by sending large amounts of network traffic with certain characteristics through an affected device. A successful exploit could allow the attacker to cause eBGP neighbor sessions to be dropped, leading to a DoS condition in the network.”
Both vulnerabilities are fixed with a software update, according to Cisco. They impact certain Cisco Nexus series switches and platform switches as well as Cisco Nexus 9500 R-series line cards.
CRN has reached out to CISA, Microsoft and Cisco for comment but had not heard back as of publication time.