Cisco released new security updates and patches 35 vulnerabilities that affected several Cisco Products in order to protect the customers from malicious hackers.
Among 35 vulnerabilities, Cisco marked 1 vulnerability as “critical”, 27 vulnerabilities as “High”, 6 vulnerabilities fixed under medium severity category and 1 vulnerability marked under “Informational” severity.
Critical Severity flaw is a Remote Command Execution Vulnerability CVE-2019-1663 that affected Cisco RV110W, RV130W, and RV215W Routers Wireless-N VPN and Firewall management interface allows a remote attacker to execute arbitrary code on a vulnerable device.
Critical severity vulnerability affects all releases of the following Cisco products prior to those listed in Fixed Releases:
Remote attackers exploit this critical vulnerability by sending malicious HTTP requests to a targeted device and gained the complete control of the
affected device with high privilege.
In this Cisco security updates, 27 high severity vulnerabilities Cause some of the serious attacks including Arbitrary code execution, privilege escalation, Unauthorized Filesystem Access, Web service & LAN DDoS, command injection etc.
Medium severity vulnerabilities affected some of the enterprise Cisco products including Cisco Nexus 5600 and 6000 Series Switches,Cisco Enterprise Chat and Email, Cisco Nexus 9000 Series Fabric Switches.
Cisco NX-OS Software affected with several vulnerabilities and some of the vulnerabilities could allow an authenticated, local attacker to gain elevated privileges on an affected device.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Master in Wireshark Network Analysis to keep your self-updated.
Also Read:
Hackers Exploiting More than 9000 Cisco RV320/RV325 Routers After POC published in GitHub
Cisco Released Security Updates & Fixed Several Vulnerabilities that Affected Cisco Products
Privilege Escalation Flaw in Cisco ASA Allows Attackers To Read or Write Files in the System
Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting victims…
The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ advanced…
A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to execute…
Meta has announced the removal of over 2 million accounts connected to malicious activities, including…
Critical security vulnerability has been identified in Veritas Enterprise Vault, a widely-used archiving and content…
A critical security vulnerability has been disclosed in the popular file archiving tool 7-Zip, allowing…