CISCO

Pierluigi Paganini August 04, 2017
Cisco fixes DoS, Authentication Bypass issues with its products and OSPF flaw

Cisco addressed 15 flaws in its products, including 2 flaws that could be exploited by attackers to trigger a DoS condition or bypass local authentication. Cisco addressed 15 vulnerabilities affecting a dozen products, including two high severity flaws that could be exploited by attackers to trigger a denial of service condition or bypass local authentication. […]

Pierluigi Paganini July 17, 2017
For the second time in the year, experts found a flaw in Cisco WebEx Extension

For the second time in a year, a highly critical remote code execution vulnerability was found in the Cisco WebEx Extension. For the second time in a year, a highly critical remote code execution vulnerability, tracked as CVE-2017-6753, was discovered in the Cisco Systems WebEx browser extension for Chrome and Firefox. The vulnerability could be exploited by attackers to […]

Pierluigi Paganini July 15, 2017
CISCO issues security patches for nine serious RCEs in SNMP subsystem in IOS and IOS XE

Cisco has fixed nine serious remote code execution flaws in the SNMP subsystem running in all the releases of IOS and IOS XE software. The tech giant publicly disclosed the vulnerability on June 29 and provided workarounds, not it is notifying customers about the availability of security patches. The nine issues, that have been tracked with […]

Pierluigi Paganini July 10, 2017
US Food Payment Kiosk Vendor Avanti Markets Hacked, Biometric data stolen

US payment kiosk vendor Avanti Markets that installs its self-service payment devices in corporate breakrooms across America suffered a security breach. The US payment kiosk vendor Avanti Markets that installs its self-service payment devices in thousands of corporate breakrooms across America suffered a security breach. According to the popular investigator Brian Krebs who first reported the news, the systems of the company were infected […]

Pierluigi Paganini June 30, 2017
Cisco IOS Software is affected by RCE flaws that could allow full hack of the devices

Experts at CISCO discovered severe remote code execution vulnerabilities in Cisco IOS Software while conducting internal testing. Cisco warned users of serious vulnerabilities in IOS software that can be exploited by authenticated, remote attackers for code execution and denial-of-service (DoS) attacks. Experts at CISCO discovered the vulnerabilities while conducting internal testing. “The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS […]

Pierluigi Paganini May 17, 2017
CISCO start assessing its products against the WannaCry Vulnerability

The tech giant Cisco announced an investigating on the potential impact of WannaCry malware on its products. Recent massive WannaCry ransomware attack highlighted the importance of patch management for any organization and Internet users. Another Tech giant, Cisco announced it is investigating the potential impact of WannaCry malware on its products, especially on its solutions that […]

Pierluigi Paganini May 11, 2017
Cisco patched CVE-2017-3881 IOS XE Vulnerability leaked in CIA Vault 7 Dump

Cisco patched the critical CVE-2017-3881 flaw that affects CISCO Catalyst switches and that can be potentially exploited by attackers to hijack networks. Cisco patched a critical security flaw, tracked as CVE-2017-3881, affecting its CISCO Catalyst switches that can be potentially exploited by attackers to hijack networks. The vulnerability was disclosed in the CIA Vault 7 data leak, according to Switchzilla […]

Pierluigi Paganini May 06, 2017
Cisco fixes a critical flaw in CISCO CVR100W Wireless-N VPN Small Business Routers

Cisco released a firmware update to fix a critical buffer overflow vulnerability in CISCO CVR100W Wireless-N VPN Small Business Routers. Cisco has released a firmware update to fix a critical vulnerability in its CVR100W Wireless-N VPN routers. The flaw, tracked as CVE-2017-3882, can be exploited by attackers to trigger a denial-of-service (DoS) condition and execute arbitrary code […]

Pierluigi Paganini March 20, 2017
CIA Vault7 Leak – Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution flaw

After the leak of the CIA Vault7 archive, experts from CISCO warn of Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution flaw. Recently Wikileaks announced it is planning to share with IT firms details about vulnerabilities in a number of their products, the flaw are exploited by the hacking tools and […]

Pierluigi Paganini March 02, 2017
High severity bug discovered in CISCO NETFLOW GENERATION APPLIANCE

A flaw in Cisco NetFlow Generation Appliance tracked as CVE-2017-3826, could be exploited by an unauthenticated, remote attacker to cause a DoS condition. “A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial […]