Rewterz Threat Alert – WastedLocker Ransomware Active in the Wild
August 20, 2020Rewterz Threat Advisory – CVE-2020-3440 – Cisco Webex Meetings Desktop App for Windows Arbitrary File Overwrite Vulnerability
August 20, 2020Rewterz Threat Alert – WastedLocker Ransomware Active in the Wild
August 20, 2020Rewterz Threat Advisory – CVE-2020-3440 – Cisco Webex Meetings Desktop App for Windows Arbitrary File Overwrite Vulnerability
August 20, 2020Severity
High
Analysis Summary
A vulnerability in Cisco Virtual Wide Area Application Services (vWAAS) with Cisco Enterprise NFV Infrastructure Software (NFVIS)-bundled images for Cisco ENCS 5400-W Series and CSP 5000-W Series appliances could allow an unauthenticated, remote attacker to log into the NFVIS CLI of an affected device by using accounts that have a default, static password.
Impact
- Gain access
- Privilege escalation
Affected Vendors
Cisco
Affected Products
- Cisco Virtual Wide Area Application Services (vWAAS) 6.4.5
- Cisco Virtual Wide Area Application Services (vWAAS) 6.4.3d
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.