Cisco has turned up a packet fragmentation issue in its TelePresence Multipoint Control Unit software that opens up a denial-of-service and remote code execution vulnerability.
Announced here, the bug has been patched, but if you need time to install the fix, you can configure the TelePresence system to run in “transcoded” content mode instead of “passthrough” mode.
When reassembling fragmented packets – IPv4 and IPv6 – the software doesn't properly validate packet size. If an attacker sent a crafted packet to a port receiving content in Passthrough mode, it could overflow a buffer.
Vulnerable systems running software version 4.3(1.68) include: TelePresence MCU 5300 Series; TelePresence MCU MSE 8510; and TelePresence MCU 4500.
In other security news, the Cisco WebEx Chrome plug-in bug disclosed by Project Zero's Tavis Ormandy last week has also turned up in – and been patched in – Firefox and Internet Explorer plug-ins.
Updating its original advisory, Cisco gives users of Firefox and IE the instructions to check their version.
For Firefox, the fix is in Version 106 of the ActiveTouch General Plugin Container. For IE, it's in Version 10031.6.2017.0127 of the GpcContainer Class for Microsoft Internet Explorer.
Microsoft Edge isn't affected. ®