Cisco has pushed a new patch to address four critical-severity vulnerabilities plaguing its cloud-based Webex Services platform – and has also warned Wi-Fi access points users of a bug in certain versions of IOS XE that could result in a device bootloop.
Webex Services is a platform for communication and collaboration, letting people hold video meetings, send messages, make calls, and share files, all from one place. It was found vulnerable to four flaws: CVE-2026-20184 (9.8/10 – a vulnerability in the integration of single sign-on (SSO)), CVE-2026-20147 (9.9/10 – a remote code execution bug in Cisco ISE and Cisco ISE-PIC), CVE-2026-20180, and CVE-2026-20186 (9.9/10 arbitrary code execution flaws in Cisco Identity Services Engine).
Read more…
Source: TechRadar News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CCleaner Malware Infects Big Tech Companies With Second Backdoor
September 20, 2017
The group of unknown hackers who hijacked CCleaner’s download server to distribute a malicious version of the popular system optimization software targeted at least 20 major international technology companies with a second-stage payload. Earlier this week, when the CCleaner hack was reported, researchers assured users that there’s no second stage malware used in the massive attack and affected users ...
- Attackers Use Undocumented MS Office Feature to Leak System Profile Data
September 18, 2017
An undocumented Microsoft Office feature allows attackers to gather sensitive configuration details on targeted systems simply by tricking recipients to open a specially crafted Word document—no VBA macros, embedded Flash objects or PE files needed. The undocumented feature is being used by adversaries, according to Kaspersky Lab researchers, as part of a multistage attack that first ...
- Hackers Hid Backdoor In CCleaner Security App With 2 Billion Downloads — 2.3 Million Infected
September 18, 2017
Users of Avast-owned security application CCleaner for Windows have been advised to update their software immediately, after researchers discovered criminal hackers had installed a backdoor in the tool. The tainted application allows for download of further malware, be it ransomware or keyloggers, with fears millions are affected. According to Avast’s own figures, 2.27 million ran ...
- Equifax Suffered Data Breach After It Failed to Patch Old Apache Struts Flaw
September 13, 2017
The massive Equifax data breach that exposed highly sensitive data of as many as 143 million people was caused by exploiting a flaw in Apache Struts framework, which Apache patched over two months earlier of the security incident, Equifax has confirmed. Credit rating agency Equifax is yet another example of the companies that became victims of massive cyber attacks due ...
- Immediately Patch Windows 0-Day Flaw That’s Being Used to Spread Spyware
September 13, 2017
Windows 0-Day Flaw Get ready to install a fairly large batch of security patches onto your Windows computers. As part of its September Patch Tuesday, Microsoft has released a large batch of security updates to patch a total of 81 CVE-listed vulnerabilities, on all supported versions of Windows and other MS products. The latest security update addresses ...
- BlueBorne: Critical Bluetooth Attack Puts Billions of Devices at Risk of Hacking
September 12, 2017
If you are using a Bluetooth enabled device, be it a smartphone, laptop, smart TV or any other IoT device, you are at risk of malware attacks that can carry out remotely to take over your device even without requiring any interaction from your side. Security researchers have just discovered total 8 zero-day vulnerabilities in Bluetooth ...