Security News > 2021 > February > Critical Cisco Flaws Open VPN Routers Up to RCE Attacks
Cisco is rolling out fixes for critical holes in its lineup of small-business VPN routers.
The flaws exist in the web-based management interface of Cisco's small-business lineup of VPN routers.
On Wednesday, Cisco also warned of two high-severity flaws across this same set of small-business VPN routers.
These flaws are also fixed by firmware Release 1.0.01.02; The networking giant said that it's not aware of any exploits in the wild of the critical flaws for any of these flaws.
Cisco on Wednesday pushed out a flurry of patches addressing high-severity vulnerabilities beyond its VPN small-business routers.
Finally, Cisco patched various high-severity flaws affecting its IOS XR software, a train of Cisco Systems' widely deployed Internetworking Operating System.
News URL
https://threatpost.com/cisco-flaws-vpn-routers-rce/163662/
Related news
- Critical Veeam RCE bug now used in Frag ransomware attacks (source)
- Palo Alto Networks warns of critical RCE zero-day exploited in attacks (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- D-Link urges users to retire VPN routers impacted by unfixed RCE flaw (source)
- Synology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS Devices (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- Cisco scores a perfect CVSS 10 with critical flaw in its wireless system (source)
- HPE warns of critical RCE flaws in Aruba Networking access points (source)
- CISA warns of critical Palo Alto Networks bug exploited in attacks (source)