Cisco Releases Flood of Patches for IOS XE, But Leaves Some Routers Open to Attack

March 28, 2019

Cisco Systems issued 27 patches Wednesday tied to vulnerabilities in its IOS XE operating system and warned customers that two small business routers (RV320 and RV325) are vulnerable to attack and that no patches are available for either. A total of 19 of the bugs were rated high severity by Cisco, with the others rated medium.

The two router vulnerabilities are rated high and are part of Cisco’s Dual Gigabit WAN VPN RV320 and RV325 line of small business routers. Both router flaws were first patched in January, however, Cisco said on Wednesday that both patches were “incomplete” and that both routers were still vulnerable to attack. It added in both cases that, “firmware updates that address [these vulnerabilities] are not currently available.” It added there are no workarounds that address either vulnerability.

Read More on Threat Post