Security News

Cisco this week released patches for multiple vulnerabilities in Firepower Threat Defense software, including high-severity issues that could be exploited for arbitrary command execution or denial-of-service attacks. An attacker able to abuse it may execute arbitrary commands as root on the underlying OS. The flaw exists because user-supplied command arguments aren't sufficiently validated, and affects Firepower 4100 and Firepower 9300 series appliances.

Industrial automation giant Rockwell Automation has started releasing firmware updates for some of its Stratix switches to address another round of vulnerabilities introduced by the use of Cisco's IOS XE software. Rockwell Automation regularly releases firmware updates for its Stratix devices to address vulnerabilities introduced by the use of Cisco software.

Securiti announced participation from Cisco Investments in its latest round of funding. The company plans to work with Cisco and help their customers solve the challenge of multicloud and edge security, privacy and compliance.

Networking equipment major Cisco Systems has said it does not plan to fix a critical security vulnerability affecting some of its Small Business routers, instead urging users to replace the devices. The bug, tracked as CVE-2021-1459, is rated with a CVSS score of 9.8 out of 10, and affects RV110W VPN firewall and Small Business RV130, RV130W, and RV215W routers, allowing an unauthenticated, remote attacker to execute arbitrary code on an affected appliance.

Cisco Systems said it will not fix a critical vulnerability found in three of its SOHO router models. The three Cisco router models and one VPN firewall device are of varying age and have reached "End of life" and will not be patched, according to Cisco.

Cisco this week announced patches for tens of vulnerabilities across its product portfolio, including a critical severity issue impacting the SD-WAN vManage software. Tracked as CVE-2021-1479 with a CVSS score of 9.8, the critical bug exists because of improper validation of user-supplied input and could allow an attacker to trigger a buffer overflow by sending a crafted connection request to the remote management component of SD-WAN vManage.

Cisco announced new server solutions supported by 3rd Gen Intel Xeon Scalable processors to bring new performance and security capabilities to customers' hybrid cloud infrastructure. To help technology teams address increasingly complex hybrid cloud environments, Cisco today is introducing Unified Computing System server models with the latest 3rd Gen Intel Xeon Scalable processors.

Cisco has released security updates to address a critical pre-authentication remote code execution vulnerability affecting SD-WAN vManage Software's remote management component. The company fixed two other high-severity security vulnerabilities in the user management and system file transfer functions of the same product allowing attackers to escalate privileges.

At its Cisco Live conference this week, the company announced everything from a redesign of its internet infrastructure to a new network-as-a-service offering. Cisco announced plans to help communication service providers and web-scale companies strengthen their networks.

To help people work smarter, combat burnout and drive more inclusive work experiences, Cisco Webex announced advancements to the People Insights feature. "These insights enable a more inclusive work experience and empowers our people to develop and leverage their collective collaboration network, while helping leaders act at the intersection of performance, empathy, and service to others to build connected and effective teams."