Security News > 2020 > November > Cisco Patches Critical Flaw After PoC Exploit Code Release
A day after proof-of-concept exploit code was published for a critical flaw in Cisco Security Manager, Cisco has hurried out a patch.
PoC exploits for the flaw - as well as 11 other issues in Cisco Security Manager - were published online Monday by security researcher Florian Hauser.
The flaw affects Cisco Security Manager releases 4.21 and earlier; the issue is fixed in Cisco Security Manager Release 4.22.
Cisco on Tuesday also disclosed two high-severity vulnerabilities in Cisco Security Manager.
Last week, the networking giant warned of a high-severity flaw in Cisco's IOS XR software that could allow unauthenticated, remote attackers to cripple Cisco Aggregation Services Routers.
News URL
https://threatpost.com/critical-cisco-flaw-sensitive-data/161305/
Related news
- Cisco warns of denial of service flaw with PoC exploit code (source)
- Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) (source)
- Patch now: Cisco fixes critical 9.9-rated, make-me-admin bug in Meeting Management (source)
- Hackers exploit critical unpatched flaw in Zyxel CPE devices (source)
- Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc (source)
- Critical Cisco ISE bug can let attackers run commands as root (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)
- PoC exploit for Ivanti Endpoint Manager vulnerabilities released (CVE-2024-13159) (source)