Cisco Patches DoS, Buffer Overflow Vulnerabilities in UCM

Cisco has fixed several vulnerabilities that if left unpatched could lead to a denial of service attack and allow attackers to modify data or execute arbitrary commands, among other problems.

Cisco has again pushed out an update for its Unified Communications Manager product, fixing several vulnerabilities that if left unpatched could lead to a denial of service attack, allow attackers to modify data or execute arbitrary commands, among other problems.

The problems exist in versions 7.1, 8.5, 8.6, 9.0 and 9.1 of the company’s popular VoIP processing system and there are no workarounds, according to an advisory from Cisco.

The company’s Product Security Incident Response Team (PSIRT) adds that it isn’t aware that any of the vulnerabilities are being maliciously exploited.

The DoS vulnerability is present on all of the versions listed above. On 7.1 all an attacker would have to do is send a malformed registration message to the device to trigger the vulnerability. On the other versions an attacker could rapidly send UDP packets to ports on the device and trigger the vulnerability due to an insufficient rate limiting of traffic on the device’s Session Initiation Protocol (SIP) port.

All of the of the versions also feature a buffer overflow vulnerability stemming from insufficient bounds checking. An authenticated, remote attacker could exploit that vulnerability by overwriting a memory buffer on a device and let them corrupt data, disrupt services and run arbitrary commands.

Patches are available on for all three versions (7, 8 and 9) of the software although 8.5 users are explicitly being asked to upgrade to 8.6 to ensure they fix all the issues.

While these are the first vulnerabilities identified in UCM since May, Cisco has had a busy summer patching up flaws in its other products. The company pushed fixes for a variety of networking products in June and earlier this month fixed a remotely exploitable bug in its Telepresence system.

Suggested articles