In a bid to bolster its cybersecurity defenses, Cisco recently disclosed and swiftly addressed high-severity vulnerabilities in its Secure Client software. The most significant of these, identified as CVE-2024-20337, poses a serious threat by allowing unauthorized access to VPN sessions. With a CVSS score of 8.2, the flaw stems from a carriage return line feed (CRLF) injection attack, giving malicious actors a potential gateway to manipulate user sessions with damaging consequences. This article covers the details of the vulnerability, its potential impact, and the steps Cisco has taken to reduce the risk.
CVE-2024-20337 in Detail
The flaw at the heart of this threat allows remote attackers to carry out a CRLF injection attack because user-supplied input is not sufficiently validated. By using specially crafted links, threat actors can trick users into unknowingly triggering the exploit while establishing a VPN session. The flaw has severe implications: it gives attackers the ability to execute arbitrary scripts in the victim's browser environment and to access sensitive information, including Security Assertion Markup Language (SAML) tokens.
With the stolen tokens, attackers can establish remote access VPN sessions, masquerading as authenticated users, potentially infiltrating internal networks and compromising highly sensitive data. This critical issue extends across multiple platforms, affecting Secure Client software on Windows, Linux, and macOS.
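A defender-side check for the kind of crafted link described above, as an added example that is not from Cisco or from the original article: it flags URLs in proxy logs that contain a CR or LF after one or more rounds of percent-decoding. The log format, hostnames and sample lines are constructed, and this is a generic CRLF-injection indicator, not a signature for CVE-2024-20337.

```python
import re
from urllib.parse import unquote

MAX_DECODE_ROUNDS = 3  # assumption: enough to catch double/triple percent-encoding
CRLF = re.compile(r"[\r\n]")

# Constructed sample proxy log: "<timestamp> <client> <method> <url>"
SAMPLE_LOG = """\
2024-03-08T10:15:02Z 10.0.0.12 GET https://vpn.example.test/login?next=%2Fportal
2024-03-08T10:15:09Z 10.0.0.31 GET https://vpn.example.test/login?next=%0d%0aX-Test:%201
2024-03-08T10:16:44Z 10.0.0.31 GET https://vpn.example.test/login?next=%250D%250AX-Test
2024-03-08T10:17:20Z 10.0.0.40 GET https://vpn.example.test/help?q=line%20feed
"""


def crlf_depth(url: str) -> int:
    """Return how many percent-decoding rounds expose a raw CR or LF
    (0 = present literally), or -1 if none appears within the limit."""
    current = url
    for depth in range(MAX_DECODE_ROUNDS + 1):
        if CRLF.search(current):
            return depth
        decoded = unquote(current, encoding="latin-1")
        if decoded == current:  # nothing left to decode
            break
        current = decoded
    return -1


def scan(log_text: str) -> list[tuple[str, str, int]]:
    """Return (timestamp, client, decode_depth) for each suspicious request."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split(maxsplit=3)
        if len(parts) != 4:
            continue  # skip malformed lines
        ts, client, _method, url = parts
        depth = crlf_depth(url)
        if depth >= 0:
            hits.append((ts, client, depth))
    return hits


if __name__ == "__main__":
    for ts, client, depth in scan(SAMPLE_LOG):
        print(f"{ts} {client}: CR/LF after {depth} decode round(s)")
```

A depth of 2 or more means the sequence was double-encoded, which a single-pass filter would miss.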
Recognizing the gravity of the situation, Cisco acted immediately to address the flaw. The company released patches across several software versions to mitigate the risk. Versions earlier than 4.10.04065 are considered not vulnerable, while later releases have been fortified to eliminate the vulnerability.
In addition to CVE-2024-20337, Cisco also fixed another high-severity issue, CVE-2024-20338, affecting Secure Client for Linux. With a CVSS score of 7.3, this flaw could allow local attackers to elevate privileges on affected devices, raising significant security concerns.
In response to these vulnerabilities, Cisco urges users to apply the necessary patches and updates promptly to protect their systems against exploitation. The importance of vigilance and proactive action in the face of evolving cyber threats cannot be overstated.
Although specific detection names for malware associated with these vulnerabilities have not been provided, organizations are advised to stay aware of emerging threats and to use robust cybersecurity measures to identify and prevent attacks. Similar threats can exploit vulnerabilities in a wide range of software, which underlines the need for proactive security practices.
Best practices for prevention
To strengthen cybersecurity defenses and prevent future infections, users are advised to adopt the following best practices:
- Regularly update software and firmware: Make sure all operating systems, applications, and security software are kept up to date to patch vulnerabilities and improve system security.
- Use network segmentation: Divide networks into segments to limit the impact of a breach and contain malicious activity.
- Educate users: Foster a culture of cybersecurity awareness among users, stressing the importance of recognizing phishing attempts and exercising caution with links and attachments.
- Monitor network traffic: Use robust network monitoring tools to detect and respond promptly to unusual or suspicious activity.
- Conduct regular security audits: Periodically assess and review security policies, configurations, and access controls to identify and fix potential weaknesses.
Conclusion
The discovery and mitigation of the vulnerabilities in Cisco's Secure Client software underscore the evolving nature of cyber threats. As organizations continue to navigate the digital landscape, staying proactive, keeping informed about emerging risks, and implementing sound security measures are central to any cybersecurity strategy. Cisco's response serves as a reminder of the collaborative effort required to defend against evolving threats and to protect sensitive data from unauthorized access.