March 22, 2024
Severity High Analysis Summary Ducktail Malware is a malicious program designed by hackers to infiltrate computers and networks globally. Ducktail malware is typically delivered through a […]
Rewterz Threat Advisory – Multiple Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities
October 6, 2022
Rewterz Threat Advisory – CVE-2022-20948 – Cisco BroadWorks Hosted Thin Receptionist Vulnerability
October 6, 2022
Rewterz Threat Advisory – Multiple Cisco Expressway Series and Cisco TelePresence Video Communication Server Vulnerabilities
October 6, 2022
Rewterz Threat Advisory – CVE-2022-20948 – Cisco BroadWorks Hosted Thin Receptionist Vulnerability
October 6, 2022
Severity
High
Analysis Summary
CVE-2022-20929
Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow a remote attacker to execute arbitrary code on the system, caused by insufficient cryptographic signature verification of upgrade files. By providing an administrator with an unauthentic upgrade file, an attacker could exploit this vulnerability to fully compromise the Cisco NFVIS system.
Impact
Code Execution
Indicators Of Compromise
CVE
- CVE-2022-20929
Affected Vendors
Cisco
Affected Products
- Cisco Enterprise NFV Infrastructure Software (NFVIS)
Remediation
Refer to Cisco Security Advisory for patch, upgrade or suggested workaround information.