VM escape and root access bugs fixed in Cisco NFV infrastructure software

5 May 2022

Cisco has released patches for a trio of bugs that hit its Enterprise NFV Infrastructure Software, and could result in escaping from virtual machines, running commands as root, and leaking system data. Leading the way with a CVSS score of 9.9 is CVE-2022-20777 and relates to a bug in next generation input/output feature that allowed an authenticated remote attacker to jump out of the guest VM and run commands as root on the host machines via an API call.

Read full article on ZDNet

Date:

5 May 2022

Categorie(s):

NEWS

Tag(s):

Cisco, Infrastructure Development, IT, Networking, News

Enhancing Endpoint Security with Advanced Host-Based Intrusion Detection Capabilities23 April 2024
University Cybersecurity Clinics Can Now Use the New CISA Resource Guide23 April 2024
Free and Downloadable Account Management Policy Template23 April 2024
Align introduces ransomware prevention feature, powered by Adlumin23 April 2024
U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse23 April 2024