Security News
Cisco advises owners of end-of-life Small Business RV routers to upgrade to newer models after disclosing a remote code execution vulnerability that will not be patched. According to a Cisco security advisory, the flaw exists due to insufficient user input validation of incoming HTTP packets on the impacted devices.
Cisco notified customers this week to patch a critical vulnerability that could allow attackers to bypass authentication and log in to the web management interface of Cisco email gateway appliances with non-default configurations. The security flaw was found in the external authentication functionality of virtual and hardware Cisco Email Security Appliance and Cisco Secure Email and Web Manager appliances.
Establishing some level of cybersecurity measures across all organizations will soon reach human-rights issue status, according to Jeetu Patel, Cisco EVP for security and collaboration. "It's our civic duty to ensure that everyone below the security poverty line has a level of safety, because it's gonna eventually get to be a human-rights issue," Patel told The Register, in an exclusive interview ahead of his RSA Conference keynote.
Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks. Tracked as CVE-2022-20821, the issue relates to an open port vulnerability that could be abused by an unauthenticated, remote attacker to connect to a Redis instance and achieve code execution.
Cisco has addressed a zero-day vulnerability in its IOS XR router software that allowed unauthenticated attackers to remotely access Redis instances running in NOSi Docker containers. The IOS XR Network OS is deployed on multiple Cisco router platforms, including NCS 540 & 560, NCS 5500, 8000, and ASR 9000 series routers.
F5 Networks and Cisco this week issued warnings about serious, and in some cases critical, security vulnerabilities in their products. "This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services," as F5 put it in its advisory.
Cisco Systems on Wednesday shipped security patches to contain three flaws impacting its Enterprise NFV Infrastructure Software that could permit an attacker to fully compromise and take control over the hosts. The networking equipment company said the flaws affect Cisco Enterprise NFVIS in the default configuration.
Two of them, rated critical and high severity, can be exploited by attackers to run commands with root privileges or to escape the guest virtual machine and fully compromise NFVIS hosts. CVE-2022-20777 is caused by insufficient guest restrictions and allows authenticated attackers to escape the guest VM and gain root-level access to the host in low-complexity attacks without requiring user interaction.
Networking equipment maker Cisco has released security updates to address three high-severity vulnerabilities in its products that could be exploited to cause a denial-of-service condition and take control of affected systems. The first of the three flaws, CVE-2022-20783, affects Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software, and stems from a lack of proper input validation, allowing an unauthenticated, remote attacker to send specially crafted traffic to the devices.
Cisco has released security updates to address a high severity vulnerability in the Cisco Umbrella Virtual Appliance, allowing unauthenticated attackers to steal admin credentials remotely. Fraser Hess of Pinnacol Assurance found the flaw in the key-based SSH authentication mechanism of Cisco Umbrella VA. Cisco Umbrella, a cloud-delivered security service used by over 24,000 organizations as DNS‑layer security against phishing, malware, and ransomware attacks, uses these on-premise virtual machines as conditional DNS forwarders that record, encrypt, and authenticate DNS data.