Critical RCE error on Cisco systems allows hackers to execute arbitrary code. Many critical security flaws in Cisco allow hackers to commit arbitrary attacks commands with the consent of the users. This error affects the following Cisco systems: Cisco FXOS Software, Cisco NX-OS Software and Cisco UCS Manager Software. But let's look in more detail at how each of them is affected separately.
Cisco FXOS and UCS Manager - CLI: An error in the Cisco FXOS Software CLI and the Cisco UCS Manager Software allows a certified one local intruder execute arbitrary commands on a user's device. The error is due to the lack of validation and access control, while its successful exploitation allows a promising hacker to execute arbitrary commands on the target operating system with the benefits of the current one connection. Cisco published security updates to troubleshoot this error, under Cisco FXOS and NX-OS Software Security Advisory of February 2020.
Cisco FXOS and UCS Manager Software CLI: The bug found in the Cisco FXOS Software CLI and the Cisco UCS Manager Software CLI could allow a certified local attacker to execute arbitrary commands by Mission processed items in specific commands. Cisco has released security updates to address this error, under the February 2020 Cisco FXOS and NX-OS Software Security Advisory.
Cisco FXOS and NX-OS Software - Run arbitrary code: The error allows an unverified intruder to execute arbitrary code as root or carry out DoS attack in one device. In other words, a successful exploit of this bug could allow a hacker to cause a cache overflow (buffer overflow). Cisco released security updates to address this error under Cisco FXOS and NX-OS Software Security Advisory in February 2020.