Cisco Umbrella Vulnerability: Cloud Security Platform Fix Arrives
Cisco Systems has released software updates for its cloud-based Umbrella security platform after Critical Start, an MSSP that specializes in managed detection and response (MDR) services, this week identified an Umbrella security vulnerability.
The security vulnerability enables authenticated cybercriminals to elevate Umbrella Enterprise Roaming Client (ERC) privileges to Administrator s, according to Cisco. It occurs due to improper implementation of file system permissions that allow non-administrative users to place files within restricted directories.
To exploit the Umbrella vulnerability, cybercriminals can place an executable file within a restricted directory, Cisco said. Then, they can execute the file to run ERC Administrator privileges.
The vulnerability affects Umbrella ERC releases prior to 2.1.118 and Umbrella Roaming Module releases prior to 4.6.1098. There are no workarounds for the Umbrella vulnerability, but Cisco’s software updates enable Umbrella users to address the issue.
Critical Start Identifies VMware NSX SD-WAN Vulnerability
In addition to identifying the Umbrella vulnerability, Critical Start in July discovered a flaw in VMware NSX SD-WAN environments by Velocloud. Critical Start alerted VMware’s Security Response Center about the vulnerability, and VMware immediately released a patch to correct the issue.
The VMware vulnerability affected network devices, including routers, switches and firewalls, according to Critical Start. As such, the vulnerability exposed sensitive, network-based information to unauthorized access and use.
What Is Critical Start?
Critical Start is “the fastest-growing cybersecurity integrator in North America,” the company asserts. It provides managed security, incident response and professional services and looks poised to accelerate its growth.
Critical Start increased its year-over-year revenue by 87 percent in the first seven months of 2018, and its MDR business grew 300 percent year over year during the time frame, the company said. Also, Critical Start recently moved into a 15,000 square-foot facility in Plano, Texas that includes a cybersecurity security operations center (SOC) and corporate offices.
Furthermore, Critical Start in March acquired Advanced Threat Analytics (ATA), a security orchestration technology provider, for an undisclosed amount of cash and stock. The acquisition enabled Critical Start to provide a white-label managed security services offering for value-added resellers (VARs) and managed service providers (MSPs).