
Cisco fixes a very serious bug in its web protection solution

Cisco announced fixes for a high-severity privilege escalation vulnerability in AsyncOS for Cisco Secure Web Appliance.

Formerly Web Security Appliance (WSA), Cisco Secure Web Appliance is an enterprise protection solution designed to block risky sites and provide application visibility and control.

Tracked as CVE-2022-20871, the newly resolved flaw can be exploited remotely to inject commands and elevate privileges to root, but successful exploitation requires authentication.

According to Cisco, the security bug exists because the user-provided input for the web interface is not sufficiently validated.

“An attacker could exploit this vulnerability by authenticating to the system and sending a specially crafted HTTP packet to the affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system and elevate privileges to root,” Cisco explains.

The tech giant also notes that the attacker must have at least read-only credentials to successfully exploit the issue.
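The root cause Cisco describes, insufficient validation of user input reaching the web interface, is the classic precondition for OS command injection. The following is an added illustration, not Cisco's code or anything derived from the advisory: a hypothetical web-interface handler that builds a diagnostic command from a form field, shown in its unsafe shape (string concatenation handed to a shell) next to a hardened shape (strict allowlist validation plus an argument list that never passes through a shell). The hostname values are constructed sample inputs.

```python
import re
import subprocess

# Constructed allowlist for a hostname field: letters, digits, dots and hyphens only.
# Anything else (spaces, ';', '|', '$', '`', quotes) is rejected before it reaches a command.
HOSTNAME_RE = re.compile(r"^[A-Za-z0-9.-]{1,253}$")


def build_ping_command_unsafe(hostname: str) -> str:
    """Unsafe pattern: user input is concatenated into a shell command string.

    If this string were executed with shell=True, a value such as "host; id"
    would terminate the ping command and run a second command as the
    service account, which is the class of bug described in the advisory.
    """
    return f"ping -c 1 {hostname}"


def validate_hostname(hostname: str) -> str:
    """Allowlist check: raise on any value that is not a plausible hostname."""
    if not HOSTNAME_RE.fullmatch(hostname):
        raise ValueError(f"rejected hostname value: {hostname!r}")
    return hostname


def build_ping_command_safe(hostname: str) -> list[str]:
    """Hardened pattern: validated input becomes one argv element, no shell involved.

    Even if validation were bypassed, an argv list passed to subprocess.run
    without shell=True keeps metacharacters inside a single argument instead
    of letting a shell interpret them.
    """
    return ["ping", "-c", "1", validate_hostname(hostname)]


def run_ping(hostname: str) -> subprocess.CompletedProcess:
    """Execute the hardened command; shell=False is the default and is kept that way."""
    return subprocess.run(
        build_ping_command_safe(hostname),
        capture_output=True,
        text=True,
        check=False,
    )


if __name__ == "__main__":
    benign = "example.com"
    hostile = "example.com; id"  # constructed sample of a metacharacter payload
    print("unsafe string for hostile input:", build_ping_command_unsafe(hostile))
    print("safe argv for benign input:", build_ping_command_safe(benign))
    try:
        build_ping_command_safe(hostile)
    except ValueError as exc:
        print("hardened handler refused input:", exc)
```

The two defences are independent and worth applying together: the allowlist stops unexpected characters at the input boundary, and the argv-list call removes the shell parser that would otherwise give those characters meaning. A review of any management-interface handler should look for both, and treat any `shell=True` (or equivalent `system()` call) fed by request data as a finding regardless of how the input is "sanitised".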

Cisco addressed the vulnerability with version 14.5.0-537 of AsyncOS for Secure Web Appliance and also plans to release updates for versions 12.5 and 14.0 of the appliance.

No workaround is available to address the vulnerability, and Cisco encourages customers to install the available patches as soon as possible.

Cisco says it is not aware of this vulnerability being exploited in malicious attacks.

Related: Cisco Patches High-Severity Vulnerability in Security Solutions

Related: Cisco Patches Critical Vulnerability in Email Security Appliance

Related: Cisco Warns of Exploit Attempts Targeting New IOS XR Vulnerability

Related: Cisco fixes 11 high-severity vulnerabilities in security products

Ionut Arghire is an international correspondent for SecurityWeek.
