Cisco has fixed a critical vulnerability in Secure Access Control Server for Windows that could allow remote attackers to execute arbitrary commands and take control of the underlying operating system.
Cisco Secure ACS is an application that allows companies to centrally manage access to network resources for various types of devices and users.
The reported flaw affects Cisco Secure ACS for Windows versions 4.0 through 18.104.22.168. Successful exploitation requires that Cisco Secure Access Control Server is configured as a RADIUS server EAP-FAST authentication.
The Cisco Security advisory said:
“The vulnerability is due to improper parsing of user identities used for EAP-FAST authentication. An attacker could exploit this vulnerability by sending crafted EAP-FAST packets to an affected device. An exploit could allow the attacker to execute arbitrary commands on the Cisco Secure ACS server and take full control of the affected server,”
The newly patched vulnerability is identified as CVE-2013-3466 and received the maximum severity score, 10.0 in the Common Vulnerability Scoring System (CVSS).
Cisco has released free software updates that address the vulnerability described in this advisory. This vulnerability is first fixed in Cisco Secure ACS for Windows release 22.214.171.124.11.