Jeremys
Essential
- Joined
- 28.09.20
- Messages
- 75
- Reaction score
- 238
- Points
- 18
Exploiting vulnerabilities allows an attacker to run arbitrary programs on the base OS with elevated privileges, etc
Cisco specialists have released software updates that address multiple vulnerabilities in Jabber messaging clients for Windows, macOS, Android and iOS operating systems.
Exploiting vulnerabilities allows an attacker to run arbitrary programs on the underlying operating system with elevated privileges, gain access to confidential information, intercept control over protected network traffic, or cause a denial of service (DoS) state.
In total, five vulnerabilities were fixed, three of which (CVE-2021-1411, CVE-2021-1417 and CVE-2021-1418) were reported to the company by researcher Olav Sortland Thoresen from Watchcom, and the other two (CVE-2021-1469 and CVE-2021-1471) were identified during internal security testing.
The problems do not depend on each other, and the use of one of the vulnerabilities is not related to the exploitation of the other. To exploit the problems, the attacker must authenticate to the XMPP server running the vulnerable software, and also be able to send XMPP messages.
The most dangerous problem is related to incorrect verification of message content (CVE-2021-1411) in the Windows version of the application and received a score of 9.9 points out of the maximum 10 on the CVSS scale. An attacker can send specially generated XMPP messages to a vulnerable client and execute arbitrary code with the same privileges as the user account.
In addition to CVE-2021-1411, Cisco also fixed four other issues in Jabber, including:
CVE-2021-1469 (Windows) — vulnerability of incorrect message content validation, which could lead to the execution of arbitrary code;
CVE-2021-1417 (Windows) - an error occurred while checking the content of a message that could be used to leak confidential information.
CVE-2021-1471 (Windows, macOS, Android, iOS) is a certificate verification vulnerability that can be used to intercept network requests and even change connections between the Jabber client and the server.
CVE-2021-1418 (Windows, macOS, Android, iOS) - An issue that occurs due to incorrect message content validation, which can be exploited by sending generated XMPP messages that cause a denial of service (DoS) state.
Cisco specialists have released software updates that address multiple vulnerabilities in Jabber messaging clients for Windows, macOS, Android and iOS operating systems.
Exploiting vulnerabilities allows an attacker to run arbitrary programs on the underlying operating system with elevated privileges, gain access to confidential information, intercept control over protected network traffic, or cause a denial of service (DoS) state.
In total, five vulnerabilities were fixed, three of which (CVE-2021-1411, CVE-2021-1417 and CVE-2021-1418) were reported to the company by researcher Olav Sortland Thoresen from Watchcom, and the other two (CVE-2021-1469 and CVE-2021-1471) were identified during internal security testing.
The problems do not depend on each other, and the use of one of the vulnerabilities is not related to the exploitation of the other. To exploit the problems, the attacker must authenticate to the XMPP server running the vulnerable software, and also be able to send XMPP messages.
The most dangerous problem is related to incorrect verification of message content (CVE-2021-1411) in the Windows version of the application and received a score of 9.9 points out of the maximum 10 on the CVSS scale. An attacker can send specially generated XMPP messages to a vulnerable client and execute arbitrary code with the same privileges as the user account.
In addition to CVE-2021-1411, Cisco also fixed four other issues in Jabber, including:
CVE-2021-1469 (Windows) — vulnerability of incorrect message content validation, which could lead to the execution of arbitrary code;
CVE-2021-1417 (Windows) - an error occurred while checking the content of a message that could be used to leak confidential information.
CVE-2021-1471 (Windows, macOS, Android, iOS) is a certificate verification vulnerability that can be used to intercept network requests and even change connections between the Jabber client and the server.
CVE-2021-1418 (Windows, macOS, Android, iOS) - An issue that occurs due to incorrect message content validation, which can be exploited by sending generated XMPP messages that cause a denial of service (DoS) state.