Browsing tag

Cisco

Attackers Can Crash Cisco Email Security Appliances by Sending Malicious Emails

Cisco has released security updates to contain three vulnerabilities affecting its products, including one high-severity flaw in its Email Security Appliance (ESA) that could result in a denial-of-service (DoS) condition on an affected device. The weakness, assigned the identifier CVE-2022-20653 (CVSS score: 7.5), stems from a case of insufficient error handling in DNS name resolution […]

Critical Flaws Discovered in Cisco Small Business RV Series Routers

Cisco has patched multiple critical security vulnerabilities impacting its RV Series routers that could be weaponized to elevate privileges and execute arbitrary code on affected systems, while also warning of the existence of proof-of-concept (PoC) exploit code targeting some of these bugs. Three of the 15 flaws, tracked as CVE-2022-20699, CVE-2022-20700, and CVE-2022-20707, carry the […]

Software flaws in walk-through metal detectors made them hackable

Walk-through metal detectors manufactured by well-known U.S.-based firm Garrett are vulnerable to remote attacks, according to Cisco Talos. Researchers at Cisco Talos discovered as many as nine vulnerabilities in walk-through metal detectors manufactured by well-known U.S.-based firm Garrett. According to researchers, if these flaws are exploited, the attacker can take the detectors offline, monitor, read, and modify […]

Logistics giant D.W. Morgan exposed 100 GB worth of clients’ data

The clients affected by the incident involving a misconfigured Amazon S3 bucket include Global 500 company Ericsson and Fortune 500 company Cisco. IT security researchers at Website Planet Security Team discovered a misconfigured Amazon S3 bucket that was owned by D.W. Morgan, a supply chain management and logistics giant. The company is headquartered […]

Cisco Releases Patches 3 New Critical Flaws Affecting IOS XE Software

Networking equipment maker Cisco Systems has rolled out patches to address three critical security vulnerabilities in its IOS XE network operating system that remote attackers could potentially abuse to execute arbitrary code with administrative privileges and trigger a denial-of-service (DoS) condition on vulnerable devices. The list of three flaws is as follows – CVE-2021-34770 (CVSS […]

Top Certifications for Network Security Administrators in 2021

From cybersecurity to IT security, the demand for security professionals is at its peak like never before. Here are some certifications that will help you polish your skills. The majority of businesses utilize multiple computer networks in their operations. These businesses rely on these networks functioning correctly and smoothly. The network administrator’s main job is […]

Cisco Releases Security Patches for Critical Flaws Affecting its Products

Cisco has addressed a maximum severity vulnerability in its Application Centric Infrastructure (ACI) Multi-Site Orchestrator (MSO) that could allow an unauthenticated, remote attacker to bypass authentication on vulnerable devices. “An attacker could exploit this vulnerability by sending a crafted request to the affected API,” the company said in an advisory published yesterday. “A successful exploit […]

Cisco VoIP Telephony has 19 vulnerabilities. Update as soon as possible

Information security specialists at IT security firm Tenable Research report the discovery of 19 vulnerabilities in Cisco SPA100 Series Voice over Internet Protocol (VoIP) adapters. The vulnerabilities were apparently found while a home VoIP service was being configured. If exploited, these vulnerabilities would allow a threat actor to listen to conversations that users hold through […]

18 Vulnerabilities that Affected Cisco Software’s Let Hackers Perform DOS, RCE to Gain Unauthorized System Access

Cisco released new security updates for multiple software products such as Cisco ASA, FMC, and FTD Software that address 18 vulnerabilities in various categories. Cisco rated all 18 vulnerabilities as “High” severity, and successful exploitation allows malicious hackers to gain unauthorized access to the systems deployed with vulnerable Cisco software. All […]

Critical root access vulnerability on Cisco devices alert! Patch immediately

Cisco has just released a new set of security updates for the Cisco IOS Software IOx application. According to ethical hacking specialists, these updates fix a vulnerability that, if exploited, would allow remote threat actors without authentication to access the guest operating system (Guest OS) as a root user. The flaw, tracked as CVE-2019-12648, exists […]

Update your Cisco devices; the patch to fix a critical vulnerability is now available

Despite being one of the world’s leading technology companies, Cisco remains vulnerable to some security flaws in its various products. This time, digital forensics specialists reported the finding of a serious vulnerability in the company’s devices running the IOS XE operating system. Tracked as CVE-2019-12643, this is a critical vulnerability present in the REST API […]

Critical vulnerabilities found on Cisco Series 220 switches

Cisco is one of the world’s leading technology companies, so a security flaw in one of its devices or solutions could compromise the operations of thousands of organizations, regardless of whether they are large companies or small businesses. Network security experts report the presence of three security flaws on Cisco 220 Series smart switches that […]

Cisco To Pay $8.6 Million As Settlement For 5-Year Bug In Their Product

The network technology company Cisco is set to pay a settlement worth $8.6 million for an alleged violation of the U.S. False Claims Act (FCA). The case was brought eight years ago, in May 2011; it stemmed from the claim that Cisco was neglecting its responsibility to patch its Video Surveillance Manager. James Glenn, […]

Cisco DNA allowed unauthorized users access to enterprise networks for a long time

IT systems audit specialists reported a critical vulnerability in the Cisco Digital Network Architecture Center (DNA) that, if exploited, could allow an unauthenticated threat actor to access critical internal system services. The company actually released 25 different updates for several of its products. Two of the patches fix critical vulnerabilities, seven are high-impact errors, and […]

Critical remote code execution vulnerability in Cisco industrial software

Experts from the IICS web applications security course reported the presence of a severe vulnerability that, if exploited, would allow remote attackers to hijack Cisco’s Industrial Network Director, developed for enterprise deployment. The company announced a patch to correct this flaw yesterday afternoon, noting that no workarounds are known so far, so it is necessary […]

Critical vulnerability affecting various Cisco devices

A group of specialists from the IICS’s information security course has discovered a critical vulnerability in Cisco equipment that, if exploited, could allow a malicious hacker to install backdoors in various company deployments, such as industrial switches, routers and firewall implementations. The vulnerability, tracked as CVE-2019-1649, allows threat actors to bypass protection from the Trust […]