Security News

Cisco has patched multiple critical security vulnerabilities impacting its RV Series routers that could be weaponized to elevate privileges and execute arbitrary code on affected systems, while also warning of the existence of proof-of-concept exploit code targeting some of these bugs. Three of the 15 flaws, tracked as CVE-2022-20699, CVE-2022-20700, and CVE-2022-20707, carry the highest CVSS rating of 10.0, and affect its Small Business RV160, RV260, RV340, and RV345 Series routers.

Critical security vulnerabilities in Cisco's Small Business RV Series routers could allow privilege escalation, remote code execution with root privileges on the devices and more. The critical bugs are part of 15 total vulnerabilities affecting the RV product line that Cisco disclosed this week.

Critical security vulnerabilities in Cisco's Small Business RV Series routers could allow privilege escalation, remote code execution with root privileges on the devices and more. The critical bugs are part of 15 total vulnerabilities affecting the RV product line that Cisco disclosed this week.

Cisco has released patches for multiple vulnerabilities in the Small Business RV Series router platform that could allow remote attackers to gain complete control over the device, in many cases, without authentication. In total, there are fifteen vulnerabilities fixed by these security updates, with five of them rated as Critical as threat actors can use them to gain 'root' privileges or remotely execute commands on the device.

Cisco has released patches for multiple vulnerabilities in the Small Business RV Series router platform that could allow remote attackers to gain complete control over the device, in many cases, without authentication. In total, there are fifteen vulnerabilities fixed by these security updates, with five of them rated as Critical as threat actors can use them to gain 'root' privileges or remotely execute commands on the device.

Cisco has patched 14 vulnerabilities affecting some of its Small Business RV Series routers, the worst of which may allow attackers to achieve unauthenticated remote code execution or execute arbitrary commands on the underlying Linux operating system. "The Cisco PSIRT is aware that proof-of-concept exploit code is available for several of the vulnerabilities that are described in this advisory," the company said in the accompanying security advisory.

Cisco Systems has rolled out fixes for a critical security flaw affecting Redundancy Configuration Manager for Cisco StarOS Software that could be weaponized by an unauthenticated, remote attacker to execute arbitrary code and take over vulnerable machines. "An attacker could exploit this vulnerability by connecting to the device and navigating to the service with debug mode enabled," Cisco said in an advisory.

Cisco released a security update warning about a handful of vulnerabilities lurking in its networking technology, led by a critical bug in the company's StarOS debug services. Cisco pushed out a fix for its Cisco StarOS Software on Wednesday.

Cisco has fixed a critical security flaw discovered in the Cisco Redundancy Configuration Manager for Cisco StarOS Software during internal security testing. "A vulnerability in Cisco RCM for Cisco StarOS Software could allow an unauthenticated, remote attacker to perform remote code execution on the application with root-level privileges in the context of the configured container," Cisco said.

A critical security bug affecting Cisco's Unified Contact Center Enterprise portfolio could allow privilege-escalation and platform takeover. The bug in question is a particularly nasty one, with a critical rating of 9.6 out of 10 on the CVSS vulnerability-severity scale, and could allow authenticated, remote attackers to elevate their privileges to administrator, with the ability to create other administrator accounts.