Cybersecurity is a key component of every aspect of a nation, and Italy also addresses it institutionally through the Csirt (Computer Security Incident Response Team).
Among the alerts regularly published by the Csirt, we point out a critical vulnerability in Cisco Jabber for Windows that would allow remote code execution (RCE).
The flaw, caused by incorrect validation of message content, is identified as CVE-2020-3495 and has a CVSS score of 9.9 (where 10 is the maximum assignable value).
A malicious user could exploit this vulnerability by sending specially crafted XMPP (Extensible Messaging and Presence Protocol) messages, without the need for any user interaction.
Successful exploitation of this vulnerability results in code execution with the rights of the current user, with possible access to confidential data.
Csirt, or Computer Security Incident Response Team
The Italian Csirt is established at the Department of Security Information (DIS) of the Presidency of the Council of Ministers, and its tasks include monitoring incidents at national level; the issue of pre-alarms, alerts, announcements and disclosure of information to interested parties in
The Csirt issues pre-alarms, alert messages and newsletters, and disseminates information to stakeholders on risks and incidents in order to support cyber risk awareness, prevention and management activities. It monitors incidents at national level, receives notifications from the parties involved, analyses them and provides support for response, damage control and restoration of normal operation.
News, alerts and newsletters are available to all public and private actors, as well as to all citizens, whether or not they are professionals in the sector, and to anyone who wishes to explore the topic in more depth and keep up to date on the most recent vulnerabilities and threats.
In addition to the communications mentioned above, a reserved area offering additional features and information is available only to members of the constituency (specially accredited public and private entities).
The Computer Security Incident Response Team website also includes a useful and well-written glossary of terms used in computer security, to support those who are facing a cybersecurity incident for the first time.