Cisco BroadWorks Is Affected by a Critical-Severity Vulnerability – Source: heimdalsecurity.com

The Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform are both affected by a serious vulnerability that might allow remote attackers to counterfeit credentials and bypass authentication.

Cisco BroadWorks is a cloud communication services platform used by both businesses and consumers. The other two components mentioned are used for app management and integration.

What Do We Know So Far About the Vulnerability?

The flaw is tracked as CVE-2023-20238 and it was discovered by Cisco’s security engineers. The vulnerability received a maximum CVSS score of 10.0, meaning that it’s a critical vulnerability that needs to be patched as soon as possible.

According to a security advisory released by Cisco, threat actors can freely execute commands, gain access to private information, change user settings, and engage in toll fraud by taking advantage of the flaw.

The vulnerability affects the Cisco Application Delivery Platform and BroadWorks Xtended Services Platform if one of the following apps is active on them:

• AuthenticationService
• BWCallCenter
• BWReceptionist
• CustomMediaFilesRetrieval
• ModeratorClientApp
• PublicECLQuery
• PublicReporting
• UCAPI
• Xsi-Actions
• Xsi-Events
• Xsi-MMTel
• Xsi-VTR

Other than the two stated in the warning, CVE-2023-20238 has no effect on any other BroadWorks components, so users of other products do not need to take any action.

This vulnerability is due to the method used to validate SSO (single sign-on) tokens… An attacker could exploit this vulnerability by authenticating to the application with forged credentials.

Cisco Security Advisory (Source)

No Workaround: Users Are Recommended to Update Immediately

Cisco declared that there are no workarounds for this vulnerability, however, one prerequisite to exploiting this flaw is to have a valid user ID linked to the targeted Cisco BroadWorks system. This condition might reduce the number of potential attackers, but keep in mind that the risk is still high.

The best solution is to update to P.platform.23.0.1075.ap385341 for users of the 23.0 branch and to versions 2023.06_1.333 or 2023.07_1.332 for users of the release independent (RI) edition.

Users of the 22.0 branch are likewise affected by CVE-2023-20238, however as Cisco won’t be delivering a security update for that version, users of the earlier version are advised to upgrade to a corrected release.

If you want to keep up to date with everything we post, don’t forget to follow us on LinkedIn, Twitter, Facebook, and Youtube for more cybersecurity news and topics.