January 13, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Advisory – Multiple VMware Aria Operations Vulnerabilities
February 8, 2024
Rewterz Threat Advisory – CVE-2024-22349 – SonicWall SonicOS Vulnerability
February 9, 2024
Rewterz Threat Advisory – Multiple VMware Aria Operations Vulnerabilities
February 8, 2024
Rewterz Threat Advisory – CVE-2024-22349 – SonicWall SonicOS Vulnerability
February 9, 2024
Severity
High
Analysis Summary
CVE-2024-20290 CVSS:7.5
Cisco Secure Endpoint Connector for Windows and Secure Endpoint Private Cloud are vulnerable to a denial of service, caused by an incorrect check for end-of-string values during scanning, which may result in a heap buffer over-read. By submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device, a remote attacker could exploit this vulnerability to cause the ClamAV scanning process to terminate, resulting in a denial of service.
CVE-2024-20252, CVE-2024-20254, CVE-2024-20255
Cisco Expressway Series and TelePresence Video Communication Server (VCS) is vulnerable to cross-site request forgery, caused by improper verification of user-supplied input. By persuading an authenticated user to visit a malicious Web site, a remote attacker could send a malformed HTTP request to perform unauthorized actions. An attacker could exploit this vulnerability to perform cross-site scripting attacks, Web cache poisoning, and other malicious activities.
Impact
- Denial of Service
- Gain Access
Indicators Of Compromise
CVE
- CVE-2023-40363
Affected Vendors
Cisco
Affected Products
- Cisco Telepresence Video Communication Server
- Cisco Expressway Series
- Cisco Secure Endpoint Connector for Windows
- Cisco Secure Endpoint Private Cloud
Remediation
Refer to Cisco Security Advisory for patch, upgrade, or suggested workaround information.