all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Cisco IMC Command Injection Vulnerability Under Active Attack

Add to bookmarks
April 18, 2024, 12:51 p.m. | Guru Baran

Cyber Security News cybersecuritynews.com

An attacker with read-only or higher privileges on a Cisco Integrated Management Controller (IMC) can exploit a command injection vulnerability (CVE-2024-20295) to gain full control (root access) of the underlying operating system.  The vulnerability exists due to insufficient validation of user-supplied input on the IMC CLI and there are no workarounds available, but software updates […]


The post Cisco IMC Command Injection Vulnerability Under Active Attack appeared first on Cyber Security News.

access attack attacker can cisco cisco imc vulnerability cli command command injection command injection attack command injection vulnerability control controller cve cve-2024 exploit higher injection input management network security network security updates operating system privileges root root access system under validation vulnerability workarounds

Visit resource

More from cybersecuritynews.com / Cyber Security News

Hackers Infiltrated 9-days Within UnitedHealth Network Before Ransomware Attack 15 hours ago | cybersecuritynews.com
alphv attack blackcat breach +21
Malware Cuckoo – Previously Unknown Infosteler Spyware Steals Data From MacOS 16 hours ago | cybersecuritynews.com
april bird code cuckoo +16
Postman API Testing Platform Flaw Exposes Sensitive Credentials 18 hours ago | cybersecuritynews.com
api api testing credentials cyber security +19
Millions of Docker Hub Repositories Found Pushing Malware for Over 5 Years 19 hours ago | cybersecuritynews.com
access applications cyber security developers +19
Investigating Two TeamCity Authentication Bypass Vulnerabilities 1 day, 8 hours ago | cybersecuritynews.com
access account account takeovers array +29
Threat Actors Claiming of 0-Day Vulnerability in Zyxel VPN Device 1 day, 10 hours ago | cybersecuritynews.com
0-day vulnerability access attackers claim +18
Muddling Meerkat Using DNS As A Powerful Weapon For Sophistication 1 day, 11 hours ago | cybersecuritynews.com
actor attacks china chinese +32
Pathfinder – New Attack Steals Sensitive Data From Modern Processors 1 day, 11 hours ago | cybersecuritynews.com
analysts attack attacks building +25
Beware of New Android Trojan That Executes Malicious Commands on Your Phone 1 day, 12 hours ago | cybersecuritynews.com
android android malware android trojan backdoor +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Azure DevSecOps Cloud Engineer II

@ Prudent Technology | McLean, VA, USA
View on infosec-jobs.com

Security Engineer III - Python, AWS

@ JPMorgan Chase & Co. | Bengaluru, Karnataka, India
View on infosec-jobs.com

SOC Analyst (Threat Hunter)

@ NCS | Singapore, Singapore
View on infosec-jobs.com

Managed Services Information Security Manager

@ NTT DATA | Sydney, Australia
View on infosec-jobs.com

Senior Security Engineer (Remote)

@ Mattermost | United Kingdom
View on infosec-jobs.com

Penetration Tester (Part Time & Remote)

@ TestPros | United States - Remote
View on infosec-jobs.com
View more jobs