Cisco issued issued an updated advisory warning of active exploits in the wild against a Cisco security appliance XSS vulnerability CVE-2020-3580. Proof of concept (PoC) exploit code has also been released to the public.
Cisco has patched multiple vulnerabilities in Cisco SD-WAN, Small Business routers, Unified Communications Products and Advanced Malware Protection. Two of those vulnerabilities (CVE-2021-1479, CVE-2021-1459) are rated Critical.
Cisco has patched a Cisco AnyConnect Secure Mobility Client DLL hijacking vulnerability (CVE-2021-1366). An attacker could remotely exploit some of these vulnerabilities to take control of an impacted system.
Cisco has patched multiple remote code execution vulnerabilities in Small Business router models RV160, RV160W, RV260, RV260P and RV260W VPN Routers.
Cisco has patched eight Critical vulnerabilities in SD-WAN products, as well as fixes for multiple other network products.
Cisco has patched multiple vulnerabilities in Small Business routers, Cisco Connected Mobile Experiences (CMX) and AnyConnect products.
Cybersecurity experts have revealed a growing list of SolarWinds 2nd stage attack victims based on malware analysis.
The Cybersecurity and Infrastructure Security Agency (CISA) has warned the recent compromise by threat actors of SolarWinds poses a 'grave risk' to critical infrastructure, government and private sector organizations.
Cisco has patched multiple Critical Jabber Desktop and Mobile Client vulnerabilities. An attacker could remotely exploit some of these vulnerabilities to take control of an impacted system.
Cisco has patched three Cisco Security Manager vulnerabilities, one rated Critical and two High severity, that could allow a remote attacker to exploit and obtain sensitive information.