Security News > 2021 > February > Critical Cisco Flaws Open VPN Routers Up to RCE Attacks
Cisco is rolling out fixes for critical holes in its lineup of small-business VPN routers.
The flaws exist in the web-based management interface of Cisco's small-business lineup of VPN routers.
On Wednesday, Cisco also warned of two high-severity flaws across this same set of small-business VPN routers.
These flaws are also fixed by firmware Release 1.0.01.02; The networking giant said that it's not aware of any exploits in the wild of the critical flaws for any of these flaws.
Cisco on Wednesday pushed out a flurry of patches addressing high-severity vulnerabilities beyond its VPN small-business routers.
Finally, Cisco patched various high-severity flaws affecting its IOS XR software, a train of Cisco Systems' widely deployed Internetworking Operating System.
News URL
https://threatpost.com/cisco-flaws-vpn-routers-rce/163662/
Related news
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Critical SimpleHelp Flaws Allow File Theft, Privilege Escalation, and RCE Attacks (source)
- New Cleo zero-day RCE flaw exploited in data theft attacks (source)
- Apache issues patches for critical Struts 2 RCE bug (source)
- Cleo patches critical zero-day exploited in data theft attacks (source)
- New IOCONTROL malware used in critical infrastructure attacks (source)
- CISA confirms critical Cleo bug exploitation in ransomware attacks (source)
- Iran-linked crew used custom 'cyberweapon' in US critical infrastructure attacks (source)
- Over 25,000 SonicWall VPN Firewalls exposed to critical flaws (source)
- Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks (source)