Cisco released patches for 30 vulnerabilities affecting multiple products that include 3 critical vulnerabilities, 13 High severity vulnerabilities, and 14 medium level vulnerabilities.
Critical Vulnerabilities
Cisco security update covers the recently disclosed Apache Struts Remote Code Execution Vulnerability which allows a remote attacker to execute arbitrary code on the targeted system. The vulnerability affected Cisco multiple products, here is the list.
Another critical vulnerability that resides with Cisco Umbrella API which allows a remote attacker to view and modify the data across multiple organizations.
.png
)
Cisco addressed Buffer Overflow Vulnerability web-based management interface of the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router.
Attackers could exploit this vulnerability by sending malicious packets which stop the device responding and cause a DOS condition.
| Critical | CVE-2018-11776 | 2018 Sep 05 | 1.8 |
| Critical | CVE-2018-0435 | 2018 Sep 05 | 1.0 |
| Critical | CVE-2018-0423 | 2018 Sep 05 | 1.0 |
High Impact Vulnerabilities
Cisco fixed some of the high severity vulnerabilities such as Privilege Escalation Vulnerability, information disclosure, command injection, Directory Traversal, Denial of Service, Command Injection that affects multiple Cisco products.
| High | CVE-2018-0422 | 2018 Sep 05 | 1.0 |
| High | CVE-2018-0436 | 2018 Sep 05 | 1.0 |
| High | CVE-2018-0437 | 2018 Sep 05 | 1.0 |
| High | CVE-2018-0438 | 2018 Sep 05 | 1.0 |
| High | CVE-2018-0434 | 2018 Sep 05 | 1.0 |
| High | CVE-2018-0433 | 2018 Sep 05 | 1.0 |
| High | CVE-2018-0432 | 2018 Sep 05 | 1.0 |
| High | CVE-2018-0426 | 2018 Sep 05 | 1.0 |
| High | CVE-2018-0424 | 2018 Sep 05 | 1.0 |
| High | CVE-2018-0425 | 2018 Sep 05 | 1.0 |
| High | CVE-2018-0421 | 2018 Sep 05 | 1.0 |
| High | CVE-2018-0430 | 2018 Sep 05 | 1.0 |
| High | CVE-2018-0440 | 2018 Sep 05 | 1.0 |
Medium Impact Vulnerabilities
| Medium | CVE-2018-0457 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0452 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0451 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0444 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0458 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0463 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0460 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0462 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0459 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0439 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0447 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0450 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0454 | 2018 Sep 05 | 1.0 |
| Medium | CVE-2018-0414 | 2018 Sep 05 | 1.0 |
With the last security update, Cisco fixed five vulnerabilities that affected various Cisco products and one of those flaws allow remote attackers to execute the arbitrary code and taking the system control.
Also Read
Adobe Release Security Patches to Fix Critical Vulnerabilities for Adobe Photoshop
Apache Security Update that Covers Multiple Vulnerabilities With Tomcat Native
VMware Released Critical Security Updates for Multiple Vulnerabilities Including L1 Terminal Fault
