Cisco TelePresence Video Communication Server Expressway Privilege Escalation Vulnerabilities
22 Dec. 2015
The process-management implementation in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2 allows local users to gain privileges by terminating a firestarter.py supervised process and then triggering the restart of a process by the root account
* Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2
A vulnerability in the process management code of the Cisco TelePresence Video Communication Server (VCS) Expressway could allow an authenticated, local attacker to run arbitrary programs with elevated privileges. The vulnerability is due to the failure to protect a supervised process. An attacker could exploit this vulnerability by completing a series of steps that ultimately allows a lower-privileged process to be restarted with root privilege. An attacker would need to crash a firestarter.py supervised process before the privilege is escalated after the process is restarted. A successful exploit could allow the attacker to gain elevated privileges on the device, which could result in a complete system compromise.