¡¾Îó²îͨ¸æ¡¿Cisco¶à¸öÇå¾²Îó²î

Ðû²¼Ê±¼ä 2021-01-14

0x00 Îó²î¸ÅÊö

2021Äê01ÔÂ13ÈÕ£¬£¬£¬£¬CiscoÐû²¼Ç徲ͨ¸æ£¬£¬£¬£¬¹ûÕæÁËÆä¶à¸ö²úÆ·ÖеÄ67¸öÎó²î²¹¶¡£¬£¬£¬£¬ÕâЩÎó²îÉæ¼°AnyConnectÇå¾²ÒÆ¶¯¿Í»§¶Ë¡¢RV110W¡¢RV130¡¢RV130WºÍRV215WСÐÍÆóҵ·ÓÉÆ÷¼°Cisco»¥ÁªÒƶ¯ÌåÑ飨CMX£©µÈ¡£¡£¡£¡£


0x01 Îó²îÏêÇé

image.png

 

Cisco»¥ÁªÒƶ¯ÌåÑéȨÏÞÉý¼¶Îó²î£¨CVE-2021-1144£©

¸ÃÎó²î±£´æÓÚ˼¿Æ»¥ÁªÒƶ¯ÌåÑ飨CMX£©ÖУ¬£¬£¬£¬ÊǶԸü¸ÄÃÜÂëµÄÊÚȨ¼ì²é´¦Öóͷ£²»µ±µ¼ÖµÄ£¬£¬£¬£¬ÆäCVSSÆÀ·Ö8.8¡£¡£¡£¡£¾­ÓÉÉí·ÝÑéÖ¤µÄ¹¥»÷Õß¿ÉÒÔͨ¹ý·¢ËͶñÒâHTTPÇëÇóÀ´Ê¹ÓôËÎó²î¡£¡£¡£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔ¸ü¸ÄϵͳÉÏÈκÎÓû§£¨°üÀ¨ÖÎÀíÓû§£©µÄÃÜÂëÀ´Ã°³ä¸ÃÓû§¡£¡£¡£¡£µ«ÒªÊ¹ÓôËÎó²î£¬£¬£¬£¬¹¥»÷Õß±ØÐèÓµÓо­ÓÉÉí·ÝÑéÖ¤µÄCMXÕÊ»§¡£¡£¡£¡£

Ó°Ïì¹æÄ£

Cisco CMX°æ±¾10.6.0¡¢10.6.1ºÍ10.6.2

ÐÞ¸´°æ±¾

10.6.3¼°¸ü¸ß°æ±¾

 

Cisco AnyConnect Secure Mobility Client for Windows DLL ×¢ÈëÎó²î£¨CVE-2021-1237£©

Ä £¿£¿£¿£¿£¿£¿£¿é»¯¶ËµãÈí¼þ²úÆ·AnyConnect Secure Mobility ClientΪ¶ËµãÌṩÁËÆÕ±éµÄÇ徲ЧÀÍ£¬£¬£¬£¬ÈçÔ¶³Ì»á¼û¡¢WebÇå¾²¹¦Ð§ºÍÖÜÓα£»£»£»£»£»£»¤¡£¡£¡£¡£

¸ÃÎó²î±£´æÓÚWindows°æCisco AnyConnectÇå¾²ÒÆ¶¯¿Í»§¶ËµÄÍøÂç»á¼ûÖÎÀíÆ÷ºÍWebÇå¾²ÊðÀí×é¼þÖУ¬£¬£¬£¬ÊÇÓ¦ÓóÌÐò¶ÔÔËÐÐʱ¼ÓÔØµÄ×ÊÔ´Ñé֤ȱ·¦µ¼ÖµÄ£¬£¬£¬£¬ÆäCVSSÆÀ·Ö7.8¡£¡£¡£¡£¹¥»÷Õß¿ÉÒÔͨ¹ýÔÚϵͳµÄÌØ¶¨Â·¾¶ÖвåÈëÉèÖÃÎļþÀ´Ê¹ÓôËÎó²î£¬£¬£¬£¬´Ó¶øµ¼ÖÂÓ¦ÓóÌÐòÆô¶¯Ê±¼ÓÔØ¶ñÒâµÄDLLÎļþ¡£¡£¡£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔʹÓÃSYSTEMȨÏÞÔÚÊÜÓ°ÏìµÄÅÌËã»úÉÏÖ´ÐÐí§Òâ´úÂë¡£¡£¡£¡£µ«ÒªÊ¹ÓôËÎó²î£¬£¬£¬£¬¹¥»÷ÕßÐèÒªÔÚWindowsϵͳÉϾßÓÐÓÐÓÃµÄÆ¾Ö¤¡£¡£¡£¡£

Ó°Ïì¹æÄ£

Cisco AnyConnect Secure Mobility Client for Windows 4.9.04043֮ǰµÄ°æ±¾

ÐÞ¸´°æ±¾

Cisco AnyConnect Secure Mobility Client for Windows 4.9.04043¼°¸ü¸ß°æ±¾

 

±ðµÄ£¬£¬£¬£¬Ë¼¿ÆÐ¡ÐÍÆóÒµRV110W¡¢RV130¡¢RV130WºÍRV215W·ÓÉÆ÷Öб£´æ5¸öÏÂÁî×¢ÈëÎó²î£¨CVE-2021-1146¡¢CVE-2021-1147¡¢CVE-2021-1148¡¢CVE-2021-1149ºÍCVE-2021-1150£©£¬£¬£¬£¬Ô¶³Ì¹¥»÷Õß¿ÉÒÔͨ¹ýʹÓÃÕâЩÎó²î×¢Èëí§ÒâÏÂÁî¡£¡£¡£¡£

³ýÉÏÊöÎó²îÍ⣬£¬£¬£¬Ë¼¿ÆÐ¡ÐÍÆóÒµRV110W¡¢RV130¡¢RV130WºÍRV215W»¹±£´æ60¸öÎó²î£¬£¬£¬£¬¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìµÄ×°±¸·¢ËͶñÒâµÄHTTPÇëÇóÀ´Ê¹ÓÃÕâЩÎó²î£¬£¬£¬£¬ÀÖ³ÉʹÓÃÕâЩÎó²îµÄ¹¥»÷ÕßÄܹ»ÒÔrootÓû§Éí·ÝÔڵײã²Ù×÷ϵͳÉÏÖ´ÐÐí§Òâ´úÂë¡¢µ¼ÖÂ×°±¸ÖØÐ¼ÓÔØ»ò¾Ü¾øÐ§ÀÍ¡£¡£¡£¡£

 

0x02 ´¦Öóͷ£½¨Òé

½¨Òé²Î¿¼Cisco¹Ù·½Ðû²¼µÄÇ徲ͨ¸æÉý¼¶ÖÁ×îа汾¡£¡£¡£¡£

ÏÂÔØÁ´½Ó£º

https://software.cisco.com/download/find

 

0x03 ²Î¿¼Á´½Ó

https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-injec-pQnryXLf

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmxpe-75Asy9k

https://threatpost.com/cisco-flaw-cmx-software-retailers/163027/

 

0x04 ʱ¼äÏß

2021-01-13  CiscoÐû²¼Çå¾²¸üÐÂ

2021-01-14  VSRCÐû²¼Ç徲ͨ¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö±ê×¼¹ÙÍø£ºhttp://www.first.org/cvss/

image.png