Security News > 2021 > February > Critical Cisco Flaws Open VPN Routers Up to RCE Attacks
Cisco is rolling out fixes for critical holes in its lineup of small-business VPN routers.
The flaws exist in the web-based management interface of Cisco's small-business lineup of VPN routers.
On Wednesday, Cisco also warned of two high-severity flaws across this same set of small-business VPN routers.
These flaws are also fixed by firmware Release 1.0.01.02; The networking giant said that it's not aware of any exploits in the wild of the critical flaws for any of these flaws.
Cisco on Wednesday pushed out a flurry of patches addressing high-severity vulnerabilities beyond its VPN small-business routers.
Finally, Cisco patched various high-severity flaws affecting its IOS XR software, a train of Cisco Systems' widely deployed Internetworking Operating System.
News URL
https://threatpost.com/cisco-flaws-vpn-routers-rce/163662/
Related news
- CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks (source)
- Cisco warns of critical RCE zero-days in end of life IP phones (source)
- CISA warns critical SolarWinds RCE bug is exploited in attacks (source)
- RCE bug in widely used Ghostscript library now exploited in attacks (source)
- Critical vulnerability in the RADIUS protocol leaves networking equipment open to attack (source)
- Chinese APT40 hackers hijack SOHO routers to launch attacks (source)
- Critical Windows licensing bugs, plus two others under attack, top Patch Tuesday (source)
- Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP (source)
- Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager (source)
- Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) (source)