Security News
Cisco has addressed a critical security vulnerability found in the Web UI of multiple IP Phone models that unauthenticated and remote attackers can exploit in remote code execution attacks. The security vulnerabilities were discovered by Zack Sanchez of the Cisco Advanced Security Initiatives Group during internal security testing.
A critical vulnerability in the ClamAV scanning library used by its Secure Endpoint, Secure Endpoint Private Cloud, and Secure Web Appliance, and high-risk vulnerabilities affecting Email Security Appliance and Cisco Secure Email and Web Manager, proof-of-concept exploit code for which is already available.
Cisco's open source ClamAV can fill that role - once you patch the 9.8/10 rated arbitrary code execution flaw the networking giant revealed on Wednesday. "A vulnerability in the HFS+ partition file parser of ClamAV versions 1.0.0 and earlier, 0.105.1 and earlier, and 0.103.7 and earlier could allow an unauthenticated, remote attacker to execute arbitrary code," states Cisco's security advisory, which identifies the issue as CVE-2023-20032.
Cisco's 2023 Data Privacy Benchmark Study found that companies that invest in closing the gap are benefitting: The study found that the estimated dollar value of benefits from privacy rose more than 13% in 2022 to $3.4 million from $3.0 million the year before, with significant gains across the various organization sizes. A Cisco blog about its 2023 Data Privacy Benchmark Survey said its estimated $3.4 million value of benefits from privacy initiatives constituted 1.8 times spending on privacy, with 36% of organizations getting returns at least twice their spending.
F5 has warned of a high-severity flaw impacting BIG-IP appliances that could lead to denial-of-service (DoS) or arbitrary code execution. The issue is rooted in the iControl Simple Object Access...
Cisco has released security updates this week to address a high-severity vulnerability in the Cisco IOx application hosting environment that can be exploited in command injection attacks. "An attacker could exploit this vulnerability by deploying and activating an application in the Cisco IOx application hosting environment with a crafted activation payload file," Cisco explains in a security advisory published on Wednesday.
Cisco has released patches for a high-severity vulnerability found in some of its industrial routers, gateways and enterprise wireless access points, which may allow attackers to insert malicious code that can't be deleted by simply rebooting the device or updating its firmware. "In this case, the command injection bypasses mitigations Cisco has in place to ensure vulnerabilities do not persist in a system. Side-stepping this security measure means that if an attacker exploits this vulnerability, the malicious package will keep running until the device is factory reset or until it is manually deleted," according to Trellix vulnerability researchers Sam Quinn and Kasimir Schulz.
Over 19,000 end-of-life Cisco VPN routers on the Internet are exposed to attacks targeting a remote command execution exploit chain. By chaining two security flaws disclosed last week, threat actors can bypass authentication and execute arbitrary commands on the underlying operating system of Cisco Small Business RV016, RV042, RV042G, and RV082 routers.
Cisco has warned of two security vulnerabilities affecting end-of-life Small Business RV016, RV042, RV042G, and RV082 routers that it said will not be fixed, even as it acknowledged the public availability of a proof-of-concept exploit. The issues are rooted in the router's web-based management interface, enabling a remote adversary to sidestep authentication or execute malicious commands on the underlying operating system.
Cisco has acknowledged one critical and two medium-severity vulnerabilities affecting some of its Small Business series of routers, but won't be fixing them as the devices "have entered the end-of-life process." Proof-of-concept exploit code for CVE-2023-20025 and CVE-2023-20026 is available online, but there is currently no indication of any of these flaws being exploited by attackers.