Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited—CISA Sounds Alarm

2025-03-04 04:39

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The list of vulnerabilities is as follows - CVE-2023-20118 (CVSS score: 6.5) - A command injection

News URL

https://thehackernews.com/2025/03/cisco-hitachi-microsoft-and-progress.html

#cisa #cisco #microsoft #progress #CVE-2023-20118

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2023-04-13	CVE-2023-20118	Command Injection vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper validation of user input within incoming HTTP packets. network low complexity cisco CWE-77	7.2

Related vendor

VENDOR	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft	381	52	1423	2928	176	4579
Cisco	2048	21	1780	1675	288	3764
Progress	29	0	64	62	35	161
Hitachi	57	1	40	44	8	93

News URL

Related news

Related Vulnerability

Related vendor