[SB 20.12] Cisco: RCE in UCS Director (CVE-2020-3240) and
IP-Phones (CVE-2016-1421)

RCE in UCS-Director (CVE-2020-3240)

Multiple Vulnerabilities has been found in Cisco UCS Director and Cisco UCS Director Express for Big Data leading to RCE and Authentication Bypass.

A POC/Exploit-Code had released at the same time as the Advisory by MR_ME

777 Cisco UCS-Installations can be found online, but cannot attributed 100% for sure to that special application (UCS-Productname is used for KVM/KVM-Management as well, but you wouldnt want this to be externally accessible anyway)


RCE in Cisco IP-Phones, dating back to 2016 (CVE-2016-1421)

A critical bug in the webapplication of Cisco IP-Phones, discovered around 2016, has been fixed in 2020-04. The vuln leads to an easily exploitable RCE.



Fragen? Kontakt: info@zero.bs