The bug is the result of a server-client side authentication failure, which could let a successful attacker escalate privileges and take over the systems ultimately. While there are no reports of its exploitation are found in wild yet, Cisco warns users of potential cyberattacks, and recommends applying the available patch.
Privilege Escalation Bug in Cisco Systems
Among the widest portfolio of enterprise software Cicso makes, the Unified Contact Center Enterprise (UCCE) is one that’s aimed at contact centers for a company. This package contains a bunch of tools helpful for a company to communicate with its customers, lodge their grievances and solve them. This software is capable of housing nearly 24,000 customer-service agents at a time, using various channels like inbound voice, outbound voice, outbound interactive voice response (IVR), and digital channels. Cisco boasts that it has well-known companies in its portfolio, including the T-Mobile USA, using its UCCE platform. But, the suite is infested with a critical security bug (CVE-2022-20658), that could let an attacker escalate privileges and take over systems, warns Cisco. The actual problem arises in the Cisco Unified Contact Center Management Portal (Unified CCMP) and Cisco Unified Contact Center Domain Manager (Unified CCDM), where a server-client authentication mechanism failure is the cause. Affected systems as per Cisco are;
Versions 11.6.1 and earlier: Fixed release is 11.6.1 ES17 Version 12.0.1: Fixed release is 12.0.1 ES5, and Version 12.5.1: Fixed release is 12.5.1 ES5
An attacker successfully exploiting these can takeover systems, create rogue admin accounts, and modify the telephony and user resources available in the company’s systems. This aside from having access to the senstive data stored regarding customers. As a patch is available, Cisco recommends users update their systems to avoid hacks. Also, the company stated that no exploitations of this bug were found in wild as of now.