Security News > 2020 > December > Cisco fixes Security Manager vulnerabilities with public exploits
Cisco has released security updates to address multiple pre-authentication vulnerabilities with public exploits affecting Cisco Security Manager that could allow for remote code execution after successful exploitation.
Cisco Security Manager helps manage security policies on a large assortment of Cisco security and network devices, and it also provides summarized reports and security event troubleshooting capabilities.
These vulnerabilities impact Cisco Security Manager releases 4.22 and earlier and they were disclosed by Cisco on November 16, after being reported by Code White security researcher Florian Hauser in August.
Hauser shared proof-of-concept exploits for all 12 Cisco Security Manager vulnerabilities he reported after Cisco PSIRT stopped responding.
Cisco addressed two of the 12 vulnerabilities but didn't provide any security updates to fix multiple security bugs, collectively tracked as CVE-2020-27131.
News URL
Related news
- Google Adds New Pixel Security Features to Block 2G Exploits and Baseband Attacks (source)
- Researchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol Libraries (source)
- CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches (source)
- The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short (source)
- Emergency patch: Cisco fixes bug under exploit in brute-force attacks (source)
- Exploited: Cisco, SharePoint, Chrome vulnerabilities (source)
- HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities (source)
- Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-17 | CVE-2020-27131 | Deserialization of Untrusted Data vulnerability in Cisco Security Manager Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. | 9.8 |