Skip to main content

Cisco Fixes Blank Admin Password Flaw in TelePresence Product

posted onNovember 7, 2013
by l33tdawg

Cisco has patched a number of vulnerabilities in several separate products, including a serious remote code execution flaw in its Wide Area Application Services Mobile software that could allow an attacker to take complete control of a vulnerable device.

Cisco also has patched a vulnerability in its TelePresence VX Clinical Assistant video conferencing system for health care environments. The fix closes a hole that enabled an attacker to login to the admin account using a blank password.

“A vulnerability in the WIL-A module of Cisco TelePresence VX Clinical Assistant could allow an unauthenticated, remote attacker to log in as the admin user of the device using a blank password,” the Cisco advisory said. “The vulnerability is due to a coding error that resets the password for the admin user to a blank password on every reboot. An attacker could exploit this vulnerability by logging in to the administrative interface as the admin user with a blank password.”

Source

Tags

Cisco Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th