all InfoSec news
High Severity Vulnerability in Cisco Unity Connection Could Enable Root Privileges (CVE-2024-20272)
Malware Analysis, News and Indicators - Latest topics malware.news
Cisco has resolved a high-severity security vulnerability in Unity Connection that opens the door for unauthenticated attackers to upload malicious files, execute arbitrary commands, and gain root privileges on affected devices.
Details of the Cisco Unity Connection Vulnerability (CVE-2024-20272)
Tracked as CVE-2024-20272, the vulnerability holds a CVSS score of 7.3, although it is categorized with critical severity by Cisco. Importantly, it is non-local, necessitating neither authentication nor privileges, nor user interaction.
Cisco’s advisory attributes the vulnerability to a …
attackers cisco cve cvss cvss score devices door enable files high malicious privileges root score security security vulnerability severity unauthenticated unity unity connection upload vulnerability