CISCO

Pierluigi Paganini March 05, 2020
Cisco addresses high severity RCE flaws in Webex Player

Cisco has released security updates to fix multiple vulnerabilities in various products, including two remote code execution flaws in Webex Player.  The two remote code execution vulnerabilities fixed by Cisco have been tracked CVE-2020-3127 and CVE-2020-3128 respectively. The vulnerabilities have been rated as high severity and received a CVSS score of 7.8. The vulnerabilities are caused by the […]

Pierluigi Paganini March 03, 2020
Cisco offers free 90-day Webex Licenses due to coronavirus outbreak

Cisco has decided to extend its business licenses for the free Webex account that will be available for 90-day due to Coronavirus/COVID-19 outbreak. Cisco has announced an enhancement of its free Webex account offerings and is offering free 90-day business licenses to limit the spread of Coronavirus. WebEx is a popular web conferencing and videoconferencing […]

Pierluigi Paganini February 28, 2020
Cisco addresses vulnerabilities in FXOS, UCS Manager and NX-OS Software

Cisco released security patches for 11 vulnerabilities in its products, including the Cisco UCS Manager, FXOS, and the NX-OS software. The most severe vulnerabilities, rated as high severity, affect FXOS and NX-OS that could be exploited by an unauthenticated, adjacent attacker to execute arbitrary code as root. The exploitation of the flaw could trigger a denial […]

Pierluigi Paganini February 20, 2020
Cisco fixes a static default credential issue in Smart Software Manager tool

Cisco has released security updates to address 17 vulnerabilities affecting its networking and unified communications product lines. Cisco has released security patches to fix 17 vulnerabilities affecting its networking and unified communications product lines. The types of fixed vulnerabilities include remote access and code execution, elevation of privilege, denial of service, and cross-site request forgeries. One of […]

Pierluigi Paganini January 30, 2020
Cisco Small Business Switches affected by DoS and information disclosure flaws

Cisco addressed high-severity flaws in Small Business Switches that can be exploited to access sensitive device data and to trigger a DoS condition. Cisco released security patches to addressed high-severity vulnerabilities in Small Business Switches that can be exploited to access sensitive device data and to trigger a DoS condition. Both issues could be exploited […]

Pierluigi Paganini January 25, 2020
Cisco Webex flaw allows unauthenticated remote attackers to join private meetings

Cisco addressed a vulnerability in Cisco Webex that could be exploited by a remote, unauthenticated attacker to join a protected video conference meeting. Cisco has addressed a high-severity flaw in the Cisco Webex video conferencing platform (CVE-2020-3142) that could be exploited by a remote, unauthenticated attacker to enter a password-protected video conference meeting. In order […]

Pierluigi Paganini January 24, 2020
Cisco fixes critical issue in Cisco Firepower Management Center

Cisco addressed a critical issue in the Cisco Firepower Management Center (FMC) that could allow a remote attacker to bypass authentication and execute arbitrary actions. Cisco fixed a critical vulnerability in the Cisco Firepower Management Center that could allow a remote attacker to gain administrative access to the web-based management interface of the vulnerable devices […]

Pierluigi Paganini January 17, 2020
Expert released PoC exploits for recently disclosed Cisco DCNM flaws

A researcher has publicly released some proof-of-concept (PoC) exploits and technical details for flaws in Cisco’s Data Center Network Manager (DCNM). Early this month, Cisco released security updates for its Cisco’s Data Center Network Manager (DCNM) product that address several critical and high-severity vulnerabilities. All the vulnerabilities were reported to Cisco through Trend Micro’s Zero Day Initiative (ZDI) and Accenture’s iDefense service […]

Pierluigi Paganini October 17, 2019
Critical and high-severity flaws addressed in Cisco Aironet APs

A critical flaw in Aironet access points (APs) can be exploited by a remote attacker to gain unauthorized access to vulnerable devices. Cisco disclosed a critical vulnerability in Aironet access points (APs), tracked as CVE-2019-15260, that can be exploited by a remote, unauthenticated attacker to gain unauthorized access to vulnerable devices with elevated privileges. This vulnerability […]

Pierluigi Paganini September 01, 2019
Cisco addresses CVE-2019-12643 critical flaw in virtual Service Container for IOS XE

Cisco released security updates for Cisco IOS XE operating system to address a critical vulnerability that could be exploited by a remote attacker to bypass authentication. Cisco released security updates for Cisco IOS XE OS to address a critical flaw, tracked as CVE-2019-12643, that could be exploited by a remote attacker to bypass authentication. “On […]