Pierluigi Paganini
June 03, 2021
Cisco addressed multiple security flaws, including high-severity vulnerabilities, in Webex Player, SD-WAN software, and ASR 5000 series software. Cisco has addressed multiple vulnerabilities in its products, including high-risk flaws in Webex Player, SD-WAN software, and ASR 5000 series software. The IT giant fixed three high-severity vulnerabilities (CVE-2021-1503, CVE-2021-1526, CVE-2021-1502) affecting Webex Player for Windows and […]
Pierluigi Paganini
May 13, 2021
Cisco has addressed a zero-day in the Cisco AnyConnect Secure Mobility Client VPN software, with publicly available proof-of-concept exploit code. Cisco has addressed a zero-day vulnerability in Cisco AnyConnect Secure Mobility Client, tracked as CVE-2020-3556, that was disclosed in November. The availability of a proof-of-concept exploit code for the zero-day was confirmed by the Cisco Product Security […]
Pierluigi Paganini
May 06, 2021
Cisco fixed critical flaws in SD-WAN vManage and HyperFlex HX software that could allow creating admin accounts, and executing commands as root. Cisco has addressed critical vulnerabilities affecting SD-WAN vManage and HyperFlex HX software that could allow creating admin accounts and executing commands as root. Cisco SD-WAN vManage Software flaws (CVE-2021-1275, CVE-2021-1468, CVE-2021-1505, CVE-2021-1506, CVE-2021-1508) could […]
Pierluigi Paganini
March 06, 2021
Cisco announced that a vulnerability in the Snort detection engine exposes several of its products to denial-of-service (DoS) attacks. Cisco announced this week that several of its products are exposed to denial-of-service (DoS) attacks due to a vulnerability in the Snort detection engine. The vulnerability resides in the Ethernet Frame Decoder of the Snort detection […]
Pierluigi Paganini
February 25, 2021
Cisco addressed over a dozen vulnerabilities in its products, including three critical bugs in ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS software. Cisco released security updates to address over a dozen vulnerabilities affecting multiple products, including three critical flaws impacting its ACI Multi-Site Orchestrator, Application Services Engine, and NX-OS software. The most severe vulnerability […]
Pierluigi Paganini
February 04, 2021
Cisco addressed multiple pre-auth remote code execution (RCE) flaws in small business VPN routers that allow executing arbitrary code as root. Cisco has fixed several pre-auth remote code execution (RCE) issues in multiple small business VPN routers. The flaws could be exploited by unauthenticated, remote attackers to execute arbitrary code as root on vulnerable devices. […]
Pierluigi Paganini
January 21, 2021
Cisco fixed multiple flaws in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against its devices. Cisco released security updates to address multiple flaws in Cisco SD-WAN products could allow an unauthenticated, remote attacker to execute attacks against vulnerable devices. These vulnerabilities impact devices running the following Cisco SD-WAN Software: IOS XE SD-WAN […]
Pierluigi Paganini
January 14, 2021
Cisco addressed tens of high-severity flaws, including some flaws in the AnyConnect Secure Mobility Client and in its small business routers. This week Cisco released security updates to address 67 high-severity vulnerabilities, including issues affecting Cisco’s AnyConnect Secure Mobility Client and small business routers (i.e. Cisco RV110W, RV130, RV130W, and RV215W). One of the flaws fixed […]
Pierluigi Paganini
December 10, 2020
Cisco addressed a new critical RCE vulnerability that affects several versions of Cisco Jabber for Windows, macOS, and mobile platforms. Cisco has released security updates to address a critical remote code execution (RCE) flaw affecting several versions of Cisco Jabber for Windows, macOS, and mobile platforms. Cisco Jabber is an instant messaging and web conferencing desktop app that […]
Pierluigi Paganini
December 07, 2020
Cisco released security updates to fix multiple pre-authentication RCE flaws with public exploits affecting Cisco Security Manager. Cisco has released security updates to address multiple pre-authentication remote code execution vulnerabilities with public exploits affecting Cisco Security Manager (CSM). CSM provides a comprehensive management solution for CISCO devices, including intrusion prevention systems and firewalls (i.e. Cisco ASA appliances, Cisco […]
