07-17-2020 , 10:19 PM
Quote:Cisco today has released security updates to address critical remote code execution (RCE), authentication bypass, and static default credential vulnerabilities affecting multiple router and firewall devices that could lead to full device takeover.
Cisco also issued a security update to patch a privilege escalation vulnerability in the Cisco Prime License Manager software.
According to the company, there are no workarounds that could be applied to address these vulnerabilities.
The five security flaws patched today received 9.8 CVSS base score qualitative severity ratings from Cisco which makes them all critical vulnerabilities.
Remotely exploitable by unauthenticated attackers
They can also be remotely exploited by unauthenticated attackers as part of low complexity attacks that don't require user interaction.
A full list of all critical security issues addressed by Cisco today is available in the table embedded below, together with links to their respective security advisories.
Continue reading HERE