¡¾Îó²îͨ¸æ¡¿Cisco¶à¸öÇå¾²Îó²î

Ðû²¼Ê±¼ä 2021-01-14

0x00 Îó²î¸ÅÊö

2021Äê01ÔÂ13ÈÕ£¬£¬£¬£¬£¬£¬£¬£¬CiscoÐû²¼Ç徲ͨ¸æ£¬£¬£¬£¬£¬£¬£¬£¬¹ûÕæÁËÆä¶à¸ö²úÆ·ÖеÄ67¸öÎó²î²¹¶¡£¬£¬£¬£¬£¬£¬£¬£¬ÕâЩÎó²îÉæ¼°AnyConnectÇå¾²Òƶ¯¿Í»§¶Ë¡¢RV110W¡¢RV130¡¢RV130WºÍRV215WСÐÍÆóҵ·ÓÉÆ÷¼°Cisco»¥ÁªÒƶ¯ÌåÑ飨CMX£©µÈ¡£¡£¡£¡£¡£¡£


0x01 Îó²îÏêÇé

image.png

 

Cisco»¥ÁªÒƶ¯ÌåÑéȨÏÞÉý¼¶Îó²î£¨CVE-2021-1144£©

¸ÃÎó²î±£´æÓÚ˼¿Æ»¥ÁªÒƶ¯ÌåÑ飨CMX£©ÖУ¬£¬£¬£¬£¬£¬£¬£¬ÊǶԸü¸ÄÃÜÂëµÄÊÚȨ¼ì²é´¦Öóͷ£²»µ±µ¼ÖµÄ£¬£¬£¬£¬£¬£¬£¬£¬ÆäCVSSÆÀ·Ö8.8¡£¡£¡£¡£¡£¡£¾­ÓÉÉí·ÝÑéÖ¤µÄ¹¥»÷Õß¿ÉÒÔͨ¹ý·¢ËͶñÒâHTTPÇëÇóÀ´Ê¹ÓôËÎó²î¡£¡£¡£¡£¡£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔ¸ü¸ÄϵͳÉÏÈκÎÓû§£¨°üÀ¨ÖÎÀíÓû§£©µÄÃÜÂëÀ´Ã°³ä¸ÃÓû§¡£¡£¡£¡£¡£¡£µ«ÒªÊ¹ÓôËÎó²î£¬£¬£¬£¬£¬£¬£¬£¬¹¥»÷Õß±ØÐèÓµÓо­ÓÉÉí·ÝÑéÖ¤µÄCMXÕÊ»§¡£¡£¡£¡£¡£¡£

Ó°Ïì¹æÄ£

Cisco CMX°æ±¾10.6.0¡¢10.6.1ºÍ10.6.2

ÐÞ¸´°æ±¾

10.6.3¼°¸ü¸ß°æ±¾

 

Cisco AnyConnect Secure Mobility Client for Windows DLL ×¢ÈëÎó²î£¨CVE-2021-1237£©

Ä£¿£¿£¿£¿£¿£¿£¿é»¯¶ËµãÈí¼þ²úÆ·AnyConnect Secure Mobility ClientΪ¶ËµãÌṩÁËÆÕ±éµÄÇ徲ЧÀÍ£¬£¬£¬£¬£¬£¬£¬£¬ÈçÔ¶³Ì»á¼û¡¢WebÇå¾²¹¦Ð§ºÍÖÜÓα£»£»£» £»£»£»£»¤¡£¡£¡£¡£¡£¡£

¸ÃÎó²î±£´æÓÚWindows°æCisco AnyConnectÇå¾²Òƶ¯¿Í»§¶ËµÄÍøÂç»á¼ûÖÎÀíÆ÷ºÍWebÇå¾²ÊðÀí×é¼þÖУ¬£¬£¬£¬£¬£¬£¬£¬ÊÇÓ¦ÓóÌÐò¶ÔÔËÐÐʱ¼ÓÔصÄ×ÊÔ´Ñé֤ȱ·¦µ¼ÖµÄ£¬£¬£¬£¬£¬£¬£¬£¬ÆäCVSSÆÀ·Ö7.8¡£¡£¡£¡£¡£¡£¹¥»÷Õß¿ÉÒÔͨ¹ýÔÚϵͳµÄÌض¨Â·¾¶ÖвåÈëÉèÖÃÎļþÀ´Ê¹ÓôËÎó²î£¬£¬£¬£¬£¬£¬£¬£¬´Ó¶øµ¼ÖÂÓ¦ÓóÌÐòÆô¶¯Ê±¼ÓÔضñÒâµÄDLLÎļþ¡£¡£¡£¡£¡£¡£ÀÖ³ÉʹÓôËÎó²îµÄ¹¥»÷Õß¿ÉÒÔʹÓÃSYSTEMȨÏÞÔÚÊÜÓ°ÏìµÄÅÌËã»úÉÏÖ´ÐÐí§Òâ´úÂë¡£¡£¡£¡£¡£¡£µ«ÒªÊ¹ÓôËÎó²î£¬£¬£¬£¬£¬£¬£¬£¬¹¥»÷ÕßÐèÒªÔÚWindowsϵͳÉϾßÓÐÓÐÓõÄƾ֤¡£¡£¡£¡£¡£¡£

Ó°Ïì¹æÄ£

Cisco AnyConnect Secure Mobility Client for Windows 4.9.04043֮ǰµÄ°æ±¾

ÐÞ¸´°æ±¾

Cisco AnyConnect Secure Mobility Client for Windows 4.9.04043¼°¸ü¸ß°æ±¾

 

±ðµÄ£¬£¬£¬£¬£¬£¬£¬£¬Ë¼¿ÆСÐÍÆóÒµRV110W¡¢RV130¡¢RV130WºÍRV215W·ÓÉÆ÷Öб£´æ5¸öÏÂÁî×¢ÈëÎó²î£¨CVE-2021-1146¡¢CVE-2021-1147¡¢CVE-2021-1148¡¢CVE-2021-1149ºÍCVE-2021-1150£©£¬£¬£¬£¬£¬£¬£¬£¬Ô¶³Ì¹¥»÷Õß¿ÉÒÔͨ¹ýʹÓÃÕâЩÎó²î×¢Èëí§ÒâÏÂÁî¡£¡£¡£¡£¡£¡£

³ýÉÏÊöÎó²îÍ⣬£¬£¬£¬£¬£¬£¬£¬Ë¼¿ÆСÐÍÆóÒµRV110W¡¢RV130¡¢RV130WºÍRV215W»¹±£´æ60¸öÎó²î£¬£¬£¬£¬£¬£¬£¬£¬¹¥»÷Õß¿ÉÒÔͨ¹ýÏòÊÜÓ°ÏìµÄ×°±¸·¢ËͶñÒâµÄHTTPÇëÇóÀ´Ê¹ÓÃÕâЩÎó²î£¬£¬£¬£¬£¬£¬£¬£¬ÀÖ³ÉʹÓÃÕâЩÎó²îµÄ¹¥»÷ÕßÄܹ»ÒÔrootÓû§Éí·ÝÔڵײã²Ù×÷ϵͳÉÏÖ´ÐÐí§Òâ´úÂë¡¢µ¼ÖÂ×°±¸ÖØмÓÔØ»ò¾Ü¾øЧÀÍ¡£¡£¡£¡£¡£¡£

 

0x02 ´¦Öóͷ£½¨Òé

½¨Òé²Î¿¼Cisco¹Ù·½Ðû²¼µÄÇ徲ͨ¸æÉý¼¶ÖÁ×îа汾¡£¡£¡£¡£¡£¡£

ÏÂÔØÁ´½Ó£º

https://software.cisco.com/download/find

 

0x03 ²Î¿¼Á´½Ó

https://tools.cisco.com/security/center/publicationListing.x?product=Cisco&sort=-day_sir#~Vulnerabilities

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-injec-pQnryXLf

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmxpe-75Asy9k

https://threatpost.com/cisco-flaw-cmx-software-retailers/163027/

 

0x04 ʱ¼äÏß

2021-01-13  CiscoÐû²¼Çå¾²¸üÐÂ

2021-01-14  VSRCÐû²¼Ç徲ͨ¸æ

 

0x05 ¸½Â¼

 

CVSSÆÀ·Ö±ê×¼¹ÙÍø£ºhttp://www.first.org/cvss/

image.png