{"id":35157,"date":"2020-05-25T09:31:44","date_gmt":"2020-05-25T09:31:44","guid":{"rendered":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/"},"modified":"2020-05-25T09:31:44","modified_gmt":"2020-05-25T09:31:44","slug":"pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/","title":{"rendered":"Pre-authentication, remote root hole in call-center software? Thanks, Cisco. Just what a long weekend needs"},"content":{"rendered":"
<\/div>\n

Roundup<\/strong> It’s once again time to catch up on the latest happenings from the world of infosec.<\/p>\n

Cisco emits critical fix in latest patch bundle<\/span><\/h3>\n

We have a bunch of new security patches<\/a> from Switchzilla, including one for a critical hole in its call-center software.<\/p>\n

CVE-2020-3280<\/a> is a remote-code-execution vulnerability in the Java remote management interface for Unified Contact Center Express.<\/p>\n

An unauthenticated, remote attacker able to exploit the flaw by supplying a malformed Java object (this is possible through various user input fields) can gain get root control over the management system. Admins are being advised to update Unified CCX as soon as possible.<\/p>\n

Zoom hatches crypto plan, wants your help<\/span><\/h3>\n

After addressing complaints about its lax security and privacy practices, and reaching out<\/a> to the industry for help, Zoom has put forward a plan to implement what it says is end-to-end encryption on its video calls.<\/p>\n

The online conferencing giant, suddenly one of the most vital service providers on the planet thanks to the coronavirus lockdowns, has uploaded a whitepaper<\/a> [PDF] describing how it will improve its encryption to thwart eavesdroppers.<\/p>\n

The aim here, says Zoom, is to gradually overhaul its call encryption and security features, starting with public key management and then moving on to addressing identity management, transparency, and eventually adding real-time security protections.<\/p>\n

These plans, however, are not yet set in stone, and Zoom has invited netizens to weigh in on its GitHub page<\/a> with their thoughts on the matter. An open comment period on the paper is being held from May 22 through June 5.<\/p>\n

Talos warns of WolfRAT<\/span><\/h3>\n

Cisco’s Talos team has taken a detailed look at a spyware operation sounds like a high school garage band: WolfRAT<\/a>.<\/p>\n

The malware has so far been concentrated in Thailand and spreads through fake versions of popular Android apps in third-party markets. The software nasty is believed to be related to the DenDroid malware, though Talos is not particularly impressed with the quality of build.<\/p>\n

“This malware is simplistic in comparison to some modern-day Android malware,” the researchers noted. “The best example of that is that it doesn’t take advantage of the accessibility framework, collecting information on non-rooted devices.”<\/p>\n

Hackers try to exploit flaws in Sophos firewall product<\/span><\/h3>\n

Sophos says a set of hastily pushed hotfixes<\/a> recently helped to avert disaster.<\/p>\n

The corp reported<\/a> an SQL injection vulnerability in its XG Firewall was being targeted by an unspecified ransomware crew, though thanks to the emergency updates, the attempts to exploit the bug were unsuccessful, apparently.<\/p>\n

As the bug is still under active attack, any admins who haven’t applied the software update would be well-advised to make sure they are running the most current version of XG Firewall to keep their networks safe.<\/p>\n

Microsoft pushes Edge Chromium fix<\/span><\/h3>\n

A security fix has been issued for Chromium, which means that Microsoft has to follow suit with an update for its Chromium-based Edge browser.<\/p>\n

Redmond reported<\/a> that CVE-2020-1195 is an elevation of privilege hole that can be exploited when the Feedback extension receives malformed input from the user.<\/p>\n

“The vulnerability by itself does not allow arbitrary code to run,” notes Microsoft.<\/p>\n

“However, this vulnerability could be used in conjunction with one or more vulnerabilities (for example a remote code execution vulnerability and another elevation of privilege vulnerability) to take advantage of the elevated privileges when running.”<\/p>\n

Hackers tout 40m Wishbone credentials<\/span><\/h3>\n

Anyone running Wishbone, a mobile app that lets users vote on stuff, will want to change their password and any other services where that password was reused.<\/p>\n

This is because hackers have stolen and leaked the details<\/a> on some 40 million accounts from the app, including hashed passwords, mobile numbers, date of birth and profile images.<\/p>\n

Signal cleans up ‘coarse tracking’ vulnerability<\/span><\/h3>\n

Tenable laid claim to the discovery and reporting of a coarse tracking flaw<\/a> in the Signal secure phone app.<\/p>\n

The bug, which has already been fixed, would have potentially allowed an attacker to observe the location of a target’s DNS server via webRTC.<\/p>\n

Here’s where we should emphasize that the word tracking is pretty generous here, because Tenable estimates that the location info is only accurate to a radius of around 400 miles. So in theory, it could have exposed the person’s country, but not a lot else.<\/p>\n

Either way, just make sure you’re running the latest version of Signal and everything should be fine.<\/p>\n

macOS Notification Center holds a surprising amount of info<\/span><\/h3>\n

Kinga Kieczkowska dug into<\/a> the inner-workings of the Mac’s notification hub (used by various apps to produce pop-up alerts) and found that it logs an unexpected amount of information.<\/p>\n

What Kieczkowska revealed was a sizable database that the hub maintains with things like location history, images and message content, even the contents of Twitter private messages (should that notification option be turned on). While this isn’t a huge security risk (it’s all stored locally, after all) it is definitely an eye-opener and the full report is worth a read.<\/p>\n

Tapplock settles with FTC<\/span><\/h3>\n

When we last heard from Tapplock, the Canadian smart lock company with under fire from the FTC after it was found that<\/a> the security of its products, physical and online, was woeful.<\/p>\n

Now, the Indiegogo darling will be placing itself under the watchful eye of auditors as it has agreed<\/a> to a settlement deal with the US trade body.<\/p>\n

There’s no money involved in the settlement, but that’s pretty standard with these sort of deals. When the FTC makes a settlement like this with a first-time offender, they’re really just hoping the company is scared straight and will stop doing whatever it was that got them in trouble.<\/p>\n

Should Tapplock be found to be neglecting its security, this deal pretty much puts it at the mercy of the FTC as far as penalties.<\/p>\n

Hacker ‘Sanix’ arrested with massive data cache<\/span><\/h3>\n

A suspected hacker has been arrested in Ukraine, though the plod<\/a> did not give a name nor any info on the individual cuffed. They did say the person is thought to be Sanix, the notorious hacker who last year was offering a collection of more than 770 million purloined email addresses and millions of credentials.<\/p>\n

Adobe Character Animator draws up fix for critical bug<\/span><\/h3>\n

Adobe posted a series of security updates recently for some of its more obscure media tools. While most were relatively minor information disclosure bugs, one was a bit more serious.<\/p>\n

Those who use Adobe Character Animator will want to update their software to protect against CVE-2020-9586<\/a>, an arbitrary code execution flaw. Users can update Creative Cloud to get the fix, while admins can push it via Admin Console.<\/p>\n

While Character Animator doesn’t have the reach of Flash Player or Reader, and is highly unlikely to be targeted, it’s worth keeping your software up to date, and any code execution flaw is one worth fixing ASAP. \u00ae<\/p>\n

Sponsored:<\/span> Webcast: Ransomware has gone nuclear<\/a><\/p>\n

READ MORE HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

This and more bits and bytes from infosec world Roundup\u00a0 It’s once again time to catch up on the latest happenings from the world of infosec.\u2026 READ MORE HERE…<\/p>\n","protected":false},"author":2,"featured_media":35158,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[63],"tags":[],"class_list":["post-35157","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-the-register"],"yoast_head":"\nPre-authentication, remote root hole in call-center software? Thanks, Cisco. Just what a long weekend needs 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Pre-authentication, remote root hole in call-center software? Thanks, Cisco. Just what a long weekend needs 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-05-25T09:31:44+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"648\" \/>\n\t<meta property=\"og:image:height\" content=\"486\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Pre-authentication, remote root hole in call-center software? Thanks, Cisco. Just what a long weekend needs\",\"datePublished\":\"2020-05-25T09:31:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\\\/\"},\"wordCount\":1178,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs.jpg\",\"articleSection\":[\"The Register\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\\\/\",\"name\":\"Pre-authentication, remote root hole in call-center software? Thanks, Cisco. Just what a long weekend needs 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs.jpg\",\"datePublished\":\"2020-05-25T09:31:44+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2020\\\/05\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs.jpg\",\"width\":648,\"height\":486},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Pre-authentication, remote root hole in call-center software? Thanks, Cisco. Just what a long weekend needs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Pre-authentication, remote root hole in call-center software? Thanks, Cisco. Just what a long weekend needs 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/","og_locale":"en_US","og_type":"article","og_title":"Pre-authentication, remote root hole in call-center software? Thanks, Cisco. Just what a long weekend needs 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2020-05-25T09:31:44+00:00","og_image":[{"width":648,"height":486,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs.jpg","type":"image\/jpeg"}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Pre-authentication, remote root hole in call-center software? Thanks, Cisco. Just what a long weekend needs","datePublished":"2020-05-25T09:31:44+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/"},"wordCount":1178,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs.jpg","articleSection":["The Register"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/","url":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/","name":"Pre-authentication, remote root hole in call-center software? Thanks, Cisco. Just what a long weekend needs 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs.jpg","datePublished":"2020-05-25T09:31:44+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2020\/05\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs.jpg","width":648,"height":486},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/pre-authentication-remote-root-hole-in-call-center-software-thanks-cisco-just-what-a-long-weekend-needs\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Pre-authentication, remote root hole in call-center software? Thanks, Cisco. Just what a long weekend needs"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/35157","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=35157"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/35157\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/35158"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=35157"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=35157"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=35157"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}