Pierluigi Paganini
March 02, 2017
A flaw in Cisco NetFlow Generation Appliance tracked as CVE-2017-3826, could be exploited by an unauthenticated, remote attacker to cause a DoS condition. “A vulnerability in the Stream Control Transmission Protocol (SCTP) decoder of the Cisco NetFlow Generation Appliance (NGA) could allow an unauthenticated, remote attacker to cause the device to hang or unexpectedly reload, causing a denial […]
Pierluigi Paganini
February 03, 2017
The experts at Cisco have discovered a critical authentication bypass vulnerability in the Cisco Prime Home during an internal security testing. Cisco has released a security update for CISCO Prime Home remote management and provisioning solution to fix a flaw that could be exploited to authentication bypass. The experts at Cisco have discovered the critical […]
Pierluigi Paganini
January 28, 2017
A critical flaw tracked as CVE-2017-3792 affects three different models of the CISCO TelePresence MCU platform, MCU 5300 Series, MSE 8510 and MCU 4500. A critical vulnerability tracked as CVE-2017-3792 affects three different models of the CISCO TelePresence MCU platform. Cisco TelePresence MCU platform is a high-definition multimedia conferencing bridge that is widely adopted due to its […]
Pierluigi Paganini
January 24, 2017
Tavis Ormandy, a security expert at Google Project Zero, has discovered a critical remote code execution vulnerability in the Cisco WebEx browser extension. Google Project Zero researcher Tavis Ormandy has discovered a critical remote code execution vulnerability in the Cisco WebEx browser extension. Cisco’s initial fix does not appear to be complete, which has led to […]
Pierluigi Paganini
December 23, 2016
Cisco is warning customers about a critical privilege escalation flaw that has been exploited in attacks against the Cisco CloudCenter Orchestrator systems. Cisco has warned its customers of a critical privilege escalation flaw in Cisco CloudCenter Orchestrator systems, tracked as CVE-2016-9223, that has been exploited in cyber attacks. The Cisco CloudCenter is a hybrid cloud management […]
Pierluigi Paganini
November 07, 2016
Cisco data leak – Cisco has fixed a security vulnerability in the company Professional Careers portal that exposed personal information of the users. Cisco data leak – Cisco has fixed a security vulnerability existing in the company Professional Careers portal that may have leaked personal information. Cisco has notified the issue to the affected users […]
Pierluigi Paganini
October 14, 2016
Cisco fixed a critical vulnerability in the Cisco Meeting Server, tracked as CVE-2016-6445, that allows remote attackers to impersonate legitimate users. A security vulnerability in Cisco Meeting Server, tracked as CVE-2016-6445, could be exploited by attackers to impersonate legitimate users. Experts from Cisco uncovered the vulnerability during a routine security audit of a customer. The hole resides […]
Pierluigi Paganini
September 21, 2016
The Shadowserver Foundation has conducted a scan of the Internet for CISCO devices running IOS software affected by the CVE-2016-6415 vulnerability. Recently experts from CISCO discovered a vulnerability, tracked as CVE-2016-6415, in IOS system,while investigating the Equation Group‘s exploits leaked by the Shadow Broker hacker group. In particular, experts from CISCO were evaluating the impact […]
Pierluigi Paganini
September 19, 2016
Cisco revealed the existence of another zero-day vulnerability, tracked as CVE-2016-6415, in the Equation Group archive leaked by the Shadow Broker hackers. This summer a group of hackers known as Shadow Brokers hacked into the arsenal of the NSA-linked group Equation Group and leaked roughly 300 Mb of exploits, implants, and hacking tools. The existence of the […]
Pierluigi Paganini
September 16, 2016
Cisco has released several Security Updates to fix many vulnerabilities in its products, including a nasty RCE in WebEx Meetings servers. Cisco has issued a patch to address the remote code execution flaw (CVE-2016-1482) that affects company WebEx Meetings servers. The remote code execution flaw (CVE-2016-1482) could be exploited by remote, unauthenticated attackers to execute arbitrary commands […]
APT / February 05, 2026
