Security News > 2020 > September > Cisco Patch-Palooza Tackles 29 High-Severity Bugs
Cisco Systems released a barrage of patches, Thursday, aimed at fixing bugs in the networking giant's ubiquitous IOS operating system.
Twenty-nine of the Cisco bugs are rated high severity, with 13 rated medium in severity.
"Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall," Cisco wrote.
"A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a DoS condition," wrote Cisco.
One flaw tracked as CVE-2020-3417 impacts any Cisco hardware running Cisco IOS XE's software and allows a authenticated, local attacker to execute arbitrary code on targeted hardware.
News URL
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-24 | CVE-2020-3417 | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. | 6.7 |