Security News > 2020 > May > Cisco Patches Critical Vulnerability in Contact Center Software
Cisco this week released security patches to address several vulnerabilities in its products, including a critical severity bug in its Unified Contact Center Express software.
The issue, Cisco explains in an advisory, exists because of the software's insecure deserialization of user supplied content.
Cisco also released a software update to address a high vulnerability in Prime Network Registrar that could be abused by a remote, unauthenticated attacker to cause a denial of service condition.
Cisco addressed medium risk vulnerabilities in AMP for Endpoints Mac Connector Software and AMP for Endpoints Linux Connector Software, which could be abused to cause a DoS condition or cause a crash and restart of the service.
Prime Collaboration Provisioning Software releases earlier than 12.6 SU2 were found impacted and Cisco says it is not aware of a workaround for this issue.
News URL
Related news
- Elastic Releases Urgent Fix for Critical Kibana Vulnerability Enabling Remote Code Execution (source)
- Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)
- Critical PHP RCE vulnerability mass exploited in new attacks (source)
- Cisco IOS XR vulnerability lets attackers crash BGP on routers (source)
- New Critical AMI BMC Vulnerability Enables Remote Server Takeover and Bricking (source)
- IBM scores perfect 10 ... vulnerability in mission-critical OS AIX (source)
- Critical Veeam Backup & Replication RCE vulnerability fixed, patch ASAP! (CVE-2025-23120) (source)
- Infoseccers criticize Veeam over critical RCE vulnerability and a failing blacklist (source)
- Critical Cisco Smart Licensing Utility flaws now exploited in attacks (source)
- Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility (source)