Network Security - Page 7 of 15

Cisco patches Critical vulnerabilities in VPN and Router products

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 17, 2020 July 17, 2020

Cisco has patched Critical vulnerabilities in VPN Firewall and Router products, as well as High risk bugs in SD-WAN products.

Tags: Cisco, CVE-2020-3144, CVE-2020-3323, CVE-2020-3330, CVE-2020-3331, CVE-2020-3340, Router, SD-WAN, VPN

Juniper patches Junos OS, SRX, SRC Bouncy Castle and many other vulnerabilities

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 11, 2020 July 11, 2020

Juniper Networks has released 19 security advisories to fix many vulnerabilities on Junos OS and other products. The updates also address a Critical SRX “double free” flaw and multiple SRC Bouncy Castle vulnerabilities.

Tags: CVE-2007-6721, CVE-2018-1000613, CVE-2018-5382, CVE-2020-1640, CVE-2020-1641, CVE-2020-1643, CVE-2020-1644, CVE-2020-1645, CVE-2020-1646, CVE-2020-1647, CVE-2020-1648, CVE-2020-1649, CVE-2020-1650, CVE-2020-1651, CVE-2020-1653, CVE-2020-1654, CVE-2020-1655, JSA, Juniper, Junos

F5 patches Critical RCE vulnerability (CVE-2020-5902) in BIG-IP configuration utility

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 4, 2020 October 10, 2020

F5 has patched a Critical remote code execution (RCE) vulnerability (CVE-2020-5902) in the Configuration utility of BIG-IP. Researchers further discovered 8,000 devices were vulnerable on the internet and could result in full system compromise.

Tags: AAM, AFM, Analytics, APM, ASM, BIG-IP, CVE-2020-5902, DNS, F5, FPS, GTM, Link Controller, LTM, PEM, RCE, TMUI

Cisco patches small business switch high risk vulnerability (CVE-2020-3297) and 7 other security issues

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 4, 2020 December 25, 2020

Cisco has patched a High severity Cisco small business switch vulnerability (CVE-2020-3297) and 7 other Medium rated issues that affect multiple Cisco products.

Tags: Cisco, CVE-2020-3297, Networking, Small Business

Palo Alto Networks patches Critical PAN-OS authentication bypass vulnerability (CVE-2020-2021)

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / June 30, 2020 September 14, 2020

Palo Alto Networks has issued a Critical security advisory for PAN-OS authentication bypass in SAML authentication vulnerability CVE-2020-2021.

Tags: authentication, CVE-2020-2021, Firewall, Palo Alto Networks, PAN-OS, SAML

Netgear fixes high risk vulnerability in multiple routers and network devices

Network Security, Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / June 30, 2020 June 30, 2020

Netgear has released firmware updates to fix a high severity remote code execution (RCE) vulnerability in multiple Netgear routers and other network devices. A remote attacker could exploit to take control of an affected device.

Tags: 0-day, GRIMM, NETGEAR, R6700, RCE, Router, ZDI, Zero-day

XORDDoS and Kaiji DDoS botnets target internet exposed Docker servers

Configuration Management, Cybersecurity Attacks, Malware, Network Security / By Frank Crast / June 23, 2020 June 23, 2020

Security experts warn malware variants of XORDDoS and Kaiji distributed denial-of-service (DDoS) botnets are targeting exposed Docker servers.

Tags: 2375, DDoS, Docker, Kaiji, malware, XORDDoS

Cisco releases Critical Treck IP Stack advisory and 7 other High severity updates

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / June 19, 2020 June 20, 2020

Cisco has released a Critical security advisory for three Treck IP Stack vulnerabilities, as well as seven other High severity advisories that affect multiple products.

Tags: Cisco, CVE-2020-11896, CVE-2020-11897, CVE-2020-11898, Ripple20, Treck

New PoC exploits SMBv3 vulnerability on unpatched systems

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / June 9, 2020 June 9, 2020

A security researcher has developed new proof-of-concept (PoC) code that can exploit an SMBv3 compression remote code execution (RCE) vulnerability CVE-2020-0796 on unpatched Windows systems.

Tags: CERT, CVE-2020-0796, SMB, SMBGhost, SMBv3

Cisco patches Critical RCE vulnerability in Unified CCX software

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / May 23, 2020 May 26, 2020

Cisco patched a Critical RCE vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX). The company also addressed a DoS vulnerability in MDS 9000 Series Switches.

Tags: Cisco, CVE-2020-3175, CVE-2020-3280, MDS 9000