
====================================================================

                             CERT-Renater

                  Information Note No. 2020/VULN601
_____________________________________________________________________

DATE                : 04/11/2020

HARDWARE PLATFORM(S): Cisco.

OPERATING SYSTEM(S): Systems running Cisco SD-WAN vManage Software,
                        Cisco Webex Meetings Desktop App,
                        Cisco IP Phone software,
                        Cisco Webex Network Recording Player,
                        Cisco Webex Player,
                        Cisco AnyConnect Secure Mobility Client.

=====================================================================
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-escalation-Jhqs5Skf
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-traversal-hQh24tmk
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepeshlg-tJghOQcA
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepegr-4xynYLUj
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepestd-8C3J9Vc
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepescm-BjgQm4vJ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-vdi-qQrpBwuJ
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-flood-dos-YnU9EXOv
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-nbr-NOS6FQ24
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-ipc-KfQO9QhK
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco PSIRT
on 2020-November-04.

The following PSIRT security advisories (12 High) were published at
16:00 UTC today.

Table of Contents:

1) Cisco SD-WAN vManage Software Privilege Escalation Vulnerability -
SIR: High

2) Cisco SD-WAN vManage Software Directory Traversal Vulnerability -
SIR: High

3) Cisco SD-WAN Software Arbitrary File Creation Vulnerability - SIR:
High


4) Cisco SD-WAN Software Privilege Escalation Vulnerability - SIR: High

5) Cisco SD-WAN Software Privilege Escalation Vulnerability - SIR: High

6) Cisco SD-WAN Software Privilege Escalation Vulnerability - SIR: High

7) Cisco SD-WAN Software Privilege Escalation Vulnerability - SIR: High

8) Cisco Webex Meetings Desktop App Arbitrary Code Execution
Vulnerability - SIR: High

9) Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability -
SIR: High

10) Cisco Webex Network Recording Player and Cisco Webex Player
Arbitrary Code Execution Vulnerabilities - SIR: High

11) Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution
Vulnerability - SIR: High

12) Cisco IOS XR Software Enhanced Preboot eXecution Environment
Unsigned Code Execution Vulnerability - SIR: High

+--------------------------------------------------------------------

1) Cisco SD-WAN vManage Software Privilege Escalation Vulnerability

CVE-2020-26074

SIR: High

CVSS Score v(3.1): 7.8

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-escalation-Jhqs5Skf

+--------------------------------------------------------------------

2) Cisco SD-WAN vManage Software Directory Traversal Vulnerability

CVE-2020-26073

SIR: High

CVSS Score v(3.1): 7.5

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vman-traversal-hQh24tmk

+--------------------------------------------------------------------

3) Cisco SD-WAN Software Arbitrary File Creation Vulnerability

CVE-2020-26071

SIR: High

CVSS Score v(3.1): 8.4

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vsoln-arbfile-gtsEYxns

+--------------------------------------------------------------------

4) Cisco SD-WAN Software Privilege Escalation Vulnerability

CVE-2020-3600

SIR: High

CVSS Score v(3.1): 7.8

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepeshlg-tJghOQcA

+--------------------------------------------------------------------

5) Cisco SD-WAN Software Privilege Escalation Vulnerability

CVE-2020-3595

SIR: High

CVSS Score v(3.1): 7.8

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepegr-4xynYLUj

+--------------------------------------------------------------------

6) Cisco SD-WAN Software Privilege Escalation Vulnerability

CVE-2020-3594

SIR: High

CVSS Score v(3.1): 7.8

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepestd-8C3J9Vc

+--------------------------------------------------------------------

7) Cisco SD-WAN Software Privilege Escalation Vulnerability

CVE-2020-3593

SIR: High

CVSS Score v(3.1): 7.8

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vepescm-BjgQm4vJ

+--------------------------------------------------------------------

8) Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability

CVE-2020-3588

SIR: High

CVSS Score v(3.1): 7.3

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-vdi-qQrpBwuJ

+--------------------------------------------------------------------

9) Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability

CVE-2020-3574

SIR: High

CVSS Score v(3.1): 7.5

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-voip-phone-flood-dos-YnU9EXOv

+--------------------------------------------------------------------

10) Cisco Webex Network Recording Player and Cisco Webex Player
Arbitrary Code Execution Vulnerabilities

CVE-2020-3573, CVE-2020-3603, CVE-2020-3604

SIR: High

CVSS Score v(3.1): 7.8

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-nbr-NOS6FQ24

+--------------------------------------------------------------------

11) Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution
Vulnerability

CVE-2020-3556

SIR: High

CVSS Score v(3.1): 7.3

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-ipc-KfQO9QhK

+--------------------------------------------------------------------

12) Cisco IOS XR Software Enhanced Preboot eXecution Environment
Unsigned Code Execution Vulnerability

CVE-2020-3284

SIR: High

CVSS Score v(3.0): 8.1

URL:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-pxe-unsign-code-exec-qAa78fD2

=========================================================
+ CERT-RENATER       |    tel : 01-53-94-20-44          +
+ 23/25 Rue Daviel   |    fax : 01-53-94-20-41          +
+ 75013 Paris        |    email:cert@support.renater.fr +
=========================================================



