Critical Security Bug Opens Cisco BroadWorks to Complete Takeover

Cyberattackers could exploit CVE-2023-20238 to carry out a variety of nefarious deeds, from data theft and code execution to phishing, fraud, and DoS.

Tara Seals, Dark Reading

September 8, 2023

1 Min Read
Hand working at laptop computer

This article originally appeared on Dark Reading.

A critical security vulnerability in Cisco's BroadWorks unified collaboration and messaging platform could pave the way for complete takeover of the platform, and the theft of a raft of sensitive data.

BroadWorks is an all-in-one unified communications as a service (UCaaS) platform that includes VoIP calling, instant messaging, video calling, WebEx integration, and more. It's one of Cisco's flagship offerings and enjoys dominant market share, with millions of business seats signed up across enterprises and small and midsize businesses (SMBs) alike.

The bug (CVE-2023-20238), which exists in some implementations of the BroadWorks Application Delivery Platform and the BroadWorks Xtended Services Platform specifically, carries a 10 out of 10 on the CVSS vulnerability-severity scale.

According to an official advisory, cyberattackers wielding a valid BroadWorks user ID can exploit the platform's single sign-on (SSO) implementation to authenticate as an existing user. From there, they could hijack communications, snoop on sensitive communications, send fraudulent messages, phish info from other internal users, make phone calls for toll fraud purposes, cause denial-of-service (DoS), and more.

"This vulnerability is due to the method used to validate SSO tokens," according to the networking giant. "A successful exploit could allow the attacker to [take actions at the] privilege level of the forged account ... If that account is an administrator account, the attacker would have the ability to view confidential information, modify customer settings, or modify settings for other users."

Related:How To Reassure the C-Suite During a Cybersecurity Crisis

Cisco has patched CVE-2023-20238 in AP.platform.23.0.1075.ap385341 and in the 2023.06_1.333 and 2023.07_1.332 release independent versions.

Read more about:

Dark Reading

About the Author(s)

Tara Seals

Managing Editor, News, Dark Reading

Tara Seals has 20+ years of experience as a journalist, analyst and editor in the cybersecurity, communications and technology space. Prior to Dark Reading, Tara was Editor in Chief at Threatpost, and prior to that, the North American news lead for Infosecurity Magazine. She also spent 13 years working for Informa (formerly Virgo Publishing), as executive editor and editor-in-chief at publications focused on both the service provider and the enterprise arenas. A Texas native, she holds a B.A. from Columbia University, lives in Western Massachusetts with her family and is on a never-ending quest for good Mexican food in the Northeast.

Dark Reading

Long one of the most widely read cyber security news sites on the Web, Dark Reading, a sister site to ITPro Today, is now the most trusted online community for security professionals like you. Dark Reading's community members include thought-leading security researchers, CISOs, and technology specialists, along with thousands of other security professionals.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like