Cisco IMC Command Injection Vulnerability Under Active Attack | allinfosecnews.com

April 18, 2024, 12:51 p.m. | Guru Baran

Cyber Security News cybersecuritynews.com

An attacker with read-only or higher privileges on a Cisco Integrated Management Controller (IMC) can exploit a command injection vulnerability (CVE-2024-20295) to gain full control (root access) of the underlying operating system. The vulnerability exists due to insufficient validation of user-supplied input on the IMC CLI and there are no workarounds available, but software updates […]

The post Cisco IMC Command Injection Vulnerability Under Active Attack appeared first on Cyber Security News.

access attack attacker can cisco cli command command injection command injection vulnerability control controller cve cve-2024 exploit higher injection input management network security operating system privileges root root access system under validation vulnerability workarounds

More from cybersecuritynews.com / Cyber Security News

LATRODECTUS Loader Getting Popular Among Cybercriminals, Is It Replacing ICEDID! an hour ago | cybersecuritynews.com

bypass code cybercriminals cyber security +26

30+ Tesla Cars Hacked Using Third-Party Software 1 day, 11 hours ago | cybersecuritynews.com

access cars collect cyber security +23

How to Use Threat Intelligence Feeds for SOC/DFIR Teams 1 day, 12 hours ago | cybersecuritynews.com

block can compromise cyber security +28

YARA, the Malware Researchers Toolbox Evolved 1 day, 15 hours ago | cybersecuritynews.com

big bugs can cyber security +13

SugarGh0st RAT Attacking Organizations & Individuals in AI Research 1 day, 17 hours ago | cybersecuritynews.com

access ai research attack businesses +21

New Cyber Attack Targeting Facebook Business Accounts 1 day, 17 hours ago | cybersecuritynews.com

accounts ads attack business +28

CISA Reveals Guidance For Implementation of Encrypted DNS Protocols 1 day, 20 hours ago | cybersecuritynews.com

advice agency budget cisa +23

Two Brothers Arrested for Attacking Blockchain & Stealing $25M 1 day, 21 hours ago | cybersecuritynews.com

arrested blockchain boston charged +17

Microsoft to Mandate Multi-Factor Authentication for All Azure Users 1 day, 21 hours ago | cybersecuritynews.com

authentication azure big cloud +12

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Sr. Staff Firmware Engineer – Networking & Firewall

@ Axiado | Bengaluru, India

View on infosec-jobs.com

Compliance Architect / Product Security Sr. Engineer/Expert (f/m/d)

@ SAP | Walldorf, DE, 69190

View on infosec-jobs.com

SAP Security Administrator

@ FARO Technologies | EMEA-Portugal

View on infosec-jobs.com