How can we help?
Cisco has released a patch to address several vulnerabilities in their NFV Infrastructure Software (NFVIS).
Two of these, (CVE-2022-20777, 2022-20779) could allow attackers to execute code on the host machine and another (CVE-2022-20780) could be used to leak system data.
An authenticated, remote attacker could escape from the guest virtual machine (VM) to gain unauthorised root-level access on the NFVIS host.
Cisco Enterprise NFVIS before 4.7.1.
Containment, Mitigations & Remediations
No mitigations are listed. Devices should be updated as soon as possible.
Indicators of Compromise
Cisco PSIRT is not aware of any public announcements or exploitations in the wild.
T1210 – Exploitation of Remote Services