Threats & Malware, Vulnerabilities
May 29, 2020
Via: Security WeekRated critical, the vulnerabilities, tracked as CVE-2020-11651 and CVE-2020-11652, were made public at the end of April, when SaltStack patches were released. The issue, however, only appears when unsecure settings are used. The popular configuration tool uses a Salt Master […]
Threats & Malware, Vulnerabilities
January 23, 2020
Via: Threat PostA critical Cisco vulnerability exists in its administrative management tool for Cisco network security solutions. The flaw could allow an unauthenticated, remote attacker to gain administrative privileges on impacted devices. The flaw exists in the web-based management interface of the […]
Threats & Malware, Vulnerabilities
January 3, 2020
Via: Security AffairsCisco has released software updates that address several critical and high-severity vulnerabilities in its Data Center Network Manager (DCNM) product. All the vulnerabilities were reported to Cisco through Trend Micro’s Zero Day Initiative (ZDI) and Accenture’s iDefense service by the […]
Threats & Malware, Vulnerabilities
November 12, 2019
Via: Hot for SecurityA number of Cisco Small Business RV Series Routers series were found to be vulnerable to a couple of attacks, and Cisco was quick to explain what the vulnerabilities were and that the patches were issued. Cisco confirmed that command […]
November 8, 2019
Via: Help Net SecurityImagine a world where complexity is no longer the top issue on the minds of CISOs as they think about their security architectures, and a time when they no longer have to stitch together and manage multi-vendor environments. Cisco announced […]
October 17, 2019
Via: Threat PostCisco Systems has released a security update stomping out critical and high-severity flaws impacting its Aironet access points, which are entry-level wireless access points (APs) used by mid-size enterprises in their offices or small warehouses. It also issued a slew […]
Threats & Malware, Vulnerabilities
October 7, 2019
Via: Help Net SecurityCisco has fixed 18 high-impact vulnerabilities affecting several of its security offerings and is advising administrators to test and implement the offered security updates as soon as possible. “Successful exploitation of the vulnerabilities could allow an attacker to gain unauthorized […]
Threats & Malware, Vulnerabilities
August 22, 2019
Via: Help Net SecurityCisco has fixed over 30 vulnerabilities in various solutions, including Cisco UCS Director, Cisco UCS Director Express for Big Data, Cisco IMC Supervisor, and the Cisco 220 Series smart switches. Cisco 220 Series exploit Users of Cisco UCS Director and […]
Threats & Malware, Vulnerabilities
August 8, 2019
Via: Hot for SecurityNetworking behemoth Cisco has rolled out an important firmware update for users of its 220 Series smart switches after a researcher discovered three security flaws in the systems, including two deemed critical. In typical bug-reporting fashion, Switchzilla has published separate […]
August 1, 2019
Via: Security AffairsBack in 2008, a whistle-blower identifies a vulnerability in Cisco video surveillance software, but the tech giant continued to sell the software to US agencies until July 2013. The case was filed in the Federal District Court for the Western […]
Data loss, Threats & Malware, Vulnerabilities
June 27, 2019
Via: Threat PostCisco Systems has released emergency patches for two critical vulnerabilities in its Data Center Network Manager, which could allow attackers to take control of impacted systems. The Data Center Network Manager (DCNM) is Cisco’s network management platform for switches running […]
Threats & Malware, Vulnerabilities
June 20, 2019
Via: Help Net SecurityCisco has released another batch of fixes for many of its products, including its SD-WAN and DNA Center solutions, its Email Security Appliance, Security Manager, SOHO routers/firewalls, and more. Critical flaws CVE-2019-1625 could allow an authenticated, local attacker to elevate […]
June 14, 2019
Via: Threat PostCisco has patched a high-severity vulnerability in its software for routers and switches, which could enable a remote attacker to reconfigure or execute commands on impacted devices. IOS XE, a Linux-based version of Cisco’s Internetworking Operating System (IOS), is software […]
May 8, 2019
Via: Threat PostA critical vulnerability in the Cisco Elastic Services Controller could allow an unauthenticated, remote attacker to take full control of impacted systems – merely by sending a crafted request. Cisco Elastic Services Controller is a virtual network functions manager, which […]
Mobile, Vulnerabilities, Wireless security
April 18, 2019
Via: Threat PostCisco has rushed out patches for a critical vulnerability in its ASR 9000 routers that could give remote, unauthenticated attackers access to the devices – as well as the power to launch denial-of-service (DoS) attacks against them. The flaw is […]
April 5, 2019
Via: Help Net SecurityOwners of a slew of D-Link, ARGtek, DSLink, Secutech, TOTOLINK and Cisco consumer routers are urged to update their device’s firmware, lest they fall prey to ongoing DNS hijacking campaigns and device hijacking attacks. Targeted Cisco routers The Cisco routers […]
Vulnerabilities, Wireless security
March 28, 2019
Via: Threat PostCisco Systems issued 27 patches Wednesday tied to vulnerabilities in its IOS XE operating system and warned customers that two small business routers (RV320 and RV325) are vulnerable to attack and that no patches are available for either. A total […]
March 25, 2019
Via: Help Net SecurityNetwork attacks targeting a vulnerability in the Cisco Webex Chrome extension have increased dramatically. In fact, they were the second-most common network attack, according to WatchGuard Technologies latest Internet Security Report for the last quarter of 2018. The vulnerability was […]
Mobile security, Vulnerabilities
March 21, 2019
Via: Threat PostCisco Systems is urging customers to update several models of their IP phones after issuing patches for five high-severity flaws found in its popular business-focused IP phones. Impacted are Cisco’s IP Phone 8800 series, which are business desk phones that […]
March 15, 2019
Via: Threat PostCisco Systems is warning customers that a discovery tool for network devices can be accessed by a remote and unauthenticated attacker. The flaw could allow an adversary to log into the system and collect sensitive data tied to host operating […]