Main Menu
Publish World Outlook Learn

Cisco Systems

  • [New] A vulnerability in the SSH Server process of Cisco IOS XR Software could allow an authenticated, remote attacker to overwrite and read arbitrary files on the local device. CISA
  • [New] Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker with a low-privileged account to elevate privileges on an affected device. CISA
  • [New] Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to delete arbitrary user accounts or gain elevated privileges on an affected system. CISA
  • [New] Most of the business travelers surveyed said that a hybrid work model will not reduce their business travel despite the availability of online conferencing apps like Zoom, Webex by Cisco and Microsoft Teams. Worth
  • A critical vulnerability in a Cisco product designed to help service providers and enterprises deploy virtualized networks can allow unauthenticated actors to bypass authentication. The Daily Swig
  • A vulnerability in the web UI for Cisco Nexus Insights could allow an authenticated, remote attacker to view and download files related to the web application. CISA
  • Most of the business travelers said that a hybrid work model will not reduce their business travel despite the availability of online conferencing apps like Zoom, Webex by Cisco and Microsoft Teams. Hotel Business
  • A critical security vulnerability in Cisco Small Business Routers allows remote code execution and denial of service. Threatpost
  • A vulnerability in the spam quarantine feature of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance, could allow an authenticated, remote attacker to gain unauthorized access and modify the spam quarantine settings of another user. CISA
  • A vulnerability in the web-based management interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system as the root user. CISA
  • A vulnerability in the image verification function of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an authenticated, remote attacker to execute code with internal user privileges on the underlying operating system. CISA
  • Cisco Umbrella uses multiple, advanced security functions to provide protection from ransomware and other security threats. Cisco Umbrella
  • Cisco has released a security update for a Critical UPnP vulnerability in Small Business router models, as well as multiple vulnerabilities in other Cisco products. Securezoo Blog
  • Networking equipment major Cisco has rolled out patches to address critical vulnerabilities impacting its Small Business VPN routers that could be abused by a remote attacker to execute arbitrary code and even cause a denial-of-service condition. The Hacker News
  • Cisco has addressed pre-auth security vulnerabilities impacting multiple Small Business VPN routers and allowing remote attackers to trigger a denial of service condition or execute commands and arbitrary code on vulnerable devices. BleepingComputer
  • A vulnerability in the REST API of Cisco Evolved Programmable Network Manager could allow an authenticated, remote attacker to access sensitive data on an affected system. CISA
  • A vulnerability in the change password API of Cisco Connected Mobile Experiences could allow an authenticated, remote attacker to alter their own password to a value that does not comply with the strong authentication requirements that are configured on an affected device. CISA
  • A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. Threatpost
  • A critical security vulnerability in a subset of Cisco Systems' small-business VPN routers could allow a remote, unauthenticated attacker to take over a device - and researchers said there are at least 8,800 vulnerable systems open to compromise. Threatpost
  • A vulnerability in the CLI interface of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to read arbitrary files on the underlying file system of an affected system. CISA
  • Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. CISA
  • A vulnerability in the REST API of Cisco Firepower Device Manager On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. CISA
  • Cisco Secure Email combines several layers of security for reducing the risk of outbound threats. Cisco

Last updated: 19 September 2021


Login