Wednesday, May 21, 2025

Cisco Released Security Updates & Fixed 35 Vulnerabilities That Affected Several Cisco Products


Cisco released new security updates that patch 35 vulnerabilities affecting several Cisco products, in order to protect customers from malicious hackers.

Among the 35 vulnerabilities, Cisco marked 1 as “Critical” and 27 as “High”; 6 were fixed under the Medium severity category, and 1 was marked “Informational”.

The critical-severity flaw is a remote command execution vulnerability, CVE-2019-1663, in the management interface of the Cisco RV110W, RV130W, and RV215W Wireless-N VPN and firewall routers; it allows a remote attacker to execute arbitrary code on a vulnerable device.

The critical-severity vulnerability affects all releases of the following Cisco products prior to those listed in Fixed Releases:

  • RV110W Wireless-N VPN Firewall
  • RV130W Wireless-N Multifunction VPN Router
  • RV215W Wireless-N VPN Router

A remote attacker can exploit this critical vulnerability by sending malicious HTTP requests to a targeted device and gain complete control of the affected device with high privileges.

In this round of Cisco security updates, the 27 high-severity vulnerabilities could enable serious attacks, including arbitrary code execution, privilege escalation, unauthorized filesystem access, web service and LAN DDoS, and command injection, among others.

The medium-severity vulnerabilities affected some enterprise Cisco products, including Cisco Nexus 5600 and 6000 Series Switches, Cisco Enterprise Chat and Email, and Cisco Nexus 9000 Series Fabric Switches.

Cisco NX-OS Software is affected by several vulnerabilities, some of which could allow an authenticated, local attacker to gain elevated privileges on an affected device.

Cisco Security updates Details

Critical

  • Cisco RV110W, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability

High

  • Cisco Adaptive Security Appliance Web Services Denial of Service Vulnerability
  • Cisco Nexus 9000 Series Switches Standalone NX-OS Mode Tetration Analytics Agent Arbitrary Code Execution Vulnerability
  • Cisco FXOS and NX-OS Lightweight Directory Access Protocol Denial of Service Vulnerabilities
  • Cisco NX-OS Software Image Signature Verification Vulnerability
  • Cisco NX-OS Software Privilege Escalation Vulnerability
  • Cisco NX-OS Software Privilege Escalation Vulnerability
  • Cisco NX-OS Software Bash Shell Privilege Escalation Vulnerability
  • Cisco Nexus 9000 Series Switches Standalone NX-OS Mode Fibre Channel over Ethernet NPV Denial of Service Vulnerability
  • Cisco NX-OS Software Netstack Denial of Service Vulnerability
  • Cisco NX-OS Software Unauthorized Filesystem Access Vulnerability
  • Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability
  • Cisco NX-OS Software Privilege Escalation Vulnerability
  • Cisco FXOS and NX-OS Software Unauthorized Directory Access Vulnerability
  • Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1613)
  • Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1612)
  • Cisco FXOS and NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1611)
  • Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1610)
  • Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1609)
  • Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1608)
  • Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1607)
  • Cisco NX-OS Software CLI Command Injection Vulnerability (CVE-2019-1606)
  • Cisco NX-OS Software NX-API Command Injection Vulnerability
  • Cisco NX-OS Software 802.1X Extensible Authentication Protocol over LAN Denial of Service Vulnerability
  • Cisco NX-OS Software Bash Shell Role-Based Access Control Bypass Privilege Escalation Vulnerability
  • Cisco NX-OS Software NX-API Arbitrary Code Execution Vulnerability
  • Cisco Nexus 9000 Series Fabric Switches Application Centric Infrastructure Mode Shell Escape Vulnerability

Medium

  • Cisco Nexus 5600 and 6000 Series Switches Fibre Channel over Ethernet Denial of Service Vulnerability
  • Cisco DNA Center Access Contract Stored Cross-Site Scripting Vulnerability
  • Cisco Enterprise Chat and Email Cross-Site Scripting Vulnerabilities
  • Cisco Application Policy Infrastructure Controller IPv6 Link-Local Address Vulnerability
  • Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Arbitrary File Read Vulnerability
  • Cisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Privilege Escalation Vulnerability

Informational

  • Action Recommended to Secure the Cisco Nexus PowerOn Auto Provisioning Feature


Balaji
BALAJI is an Ex-Security Researcher (Threat Research Labs) at Comodo Cybersecurity. Editor-in-Chief & Co-Founder - Cyber Security News & GBHackers On Security.
