"Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems"
According to security researchers at SEC Consult, two vulnerabilities discovered earlier this year in Atos Unify products could allow malicious actors to cause disruption and even backdoor the targeted system. The vulnerabilities affect the Atos Unify Session Border Controller (SBC), which provides security for unified communications, the Unify OpenScape Branch product for remote offices, and the Border Control Function (BCF), which is designed for emergency services.

The researchers discovered that the web interface of these products is affected by CVE-2023-36618, which can be exploited by an authenticated attacker with low privileges to execute arbitrary PHP functions and, subsequently, operating system commands with root privileges. The second security hole, CVE-2023-36619, can be exploited by an unauthenticated attacker to access and execute certain scripts. The researchers stated that attackers could leverage these scripts to cause a denial-of-service (DoS) condition or change the system's configuration.

The researchers noted that the vulnerabilities have a critical impact, but the vendor has assigned the flaws a "high severity" rating based on their CVSS score. The researchers stated that attackers can gain full control (root access) over the appliance if any low-privileged user credentials are known and could reconfigure or backdoor the system. Atos has released updates that should patch both Unify vulnerabilities.
SecurityWeek reports: "Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems"