Vulnerabilities in Cisco NFVIS allow guest VM escape
Overview
Cisco has released a patch to address several vulnerabilities in their NFV Infrastructure Software (NFVIS).
Two of these (CVE-2022-20777 and CVE-2022-20779) could allow attackers to execute code on the host machine, and another (CVE-2022-20780) could be used to leak system data.
Impact
An authenticated, remote attacker could escape from the guest virtual machine (VM) to gain unauthorised root-level access on the NFVIS host.
Affected Products
Cisco Enterprise NFVIS before 4.7.1.
Containment, Mitigations & Remediations
No mitigations are listed. Devices should be updated as soon as possible.
Indicators of Compromise
None listed.
Threat Landscape
Cisco PSIRT is not aware of any public announcements or exploitation in the wild.
MITRE Methodologies
T1210 – Exploitation of Remote Services
Further Information
Cisco Enterprise NFV Infrastructure Software Vulnerabilities