Cisco Issues Patch for Critical RCE Vulnerability in RCM for StarOS Software


Cisco Systems has released patches for a significant security hole in Cisco StarOS Software’s Redundancy Configuration Manager (RCM) that could allow an unauthenticated, remote attacker to execute arbitrary code and seize control of susceptible workstations.

In a security alert, Cisco stated, “An attacker might exploit this vulnerability by connecting to the device and browsing to the service with debug mode enabled.” “If the exploit is effective, the attacker will be able to run arbitrary commands as the root user.”

Read More…