Cisco issues free software updates to fix weaknesses in its Enterprise NFV Infrastructure Software. Multiple vulnerabilities have been discovered in Cisco’s Enterprise NFV Infrastructure Software (NFVIS). The worst of the vulnerabilities could let an attacker escape from the guest virtual machine (VM) to the host machine, Cisco disclosed. The other two problems involve letting a bad actor inject commands that execute at the root level and allowing a remote attacker to leak system data from the host to the VM. NFVIS is Linux-based infrastructure software designed to help enterprises and service providers to deploy virtualized network functions, such as a virtual router, firewall and WAN acceleration, Cisco stated. The critical vulnerability – with a CVSS score of 9.9 out of 10 – could allow an attacker to send an API call from a VM that will execute with root-level privileges on the NFVIS host. A successful exploit could allow the attacker to completely compromise an NFVIS host. Cisco said the vulnerability is due to insufficient guest restrictions. Another exposure in the image registration process of NFVIS could let an unauthenticated, remote attacker inject commands that could then execute at the root level on the NFVIS host during the image registration process. The weakness could convince an administrator on the host machine to install a VM image with crafted metadata that will execute commands with root–level privileges during the VM registration process, Cisco stated. A successful exploit could allow the attacker to inject commands with root-level privileges into the NFVIS host. This vulnerability is due to improper input validation, Cisco stated. The third NFVIS advisory relates to the import function of the software that could let an unauthenticated, remote attacker leak system data from the host to any configured VM. An attacker could exploit this vulnerability by persuading an administrator to import a crafted file that will read data from the host and write it to any configured VM. A successful exploit could allow the attacker to access system information from the host, such as files containing user data, on any configured VM, Cisco stated. An attacker who already has authenticated access on a VM that is configured within the NFVIS host could obtain direct access to confidential system information, Cisco stated. This vulnerability is due to the resolution of external entities in the XML parser, Cisco added. Cisco has issued free software updates that address these vulnerabilities and said there are no workarounds. Related content analysis At RSA, Cisco unveils Splunk integrations, Hypershield upgrades At RSA Conference 2024, Cisco announced plans to integrate its XDR platform and Splunk’s SIEM, bolster its Hypershield AI-native security architecture, and add to its Duo access-protection software. By Michael Cooney May 06, 2024 5 mins Network Management Software Network Security Networking how-to Download our Zero Trust network access (ZTNA) enterprise buyer’s guide From the editors of Network World, this enterprise buyer’s guide helps network and security IT staff understand what ZTNA can do for their organizations and how to choose the right solution. By Josh Fruhlinger and Steve Zurier May 06, 2024 1 min Network Security Enterprise Buyer’s Guides news Network jobs watch: Hiring, skills and certification trends What IT leaders need to know about expanding responsibilities, new titles and hot skills for network professionals and I&O teams. By Denise Dubie May 06, 2024 6 mins Careers Data Center Networking feature IBM’s bets on AI and hybrid cloud pay off Three key differentiators of IBM’s AI and cloud offerings are cross-platform automation, integration with multiple clouds, and tie-ins to IBM professional services. By Jeff Vance May 06, 2024 9 mins Hybrid Cloud Network Management Software Cloud Computing PODCASTS VIDEOS RESOURCES EVENTS NEWSLETTERS Newsletter Promo Module Test Description for newsletter promo module. Please enter a valid email address Subscribe