News • Insights • Analysis
Cisco is urging customers to install an update that fixes a high-severity issue affecting its Network Assurance Engine (NAE) for managing data-center networks. The bug, tracked as CVE-2019-1688, could allow an attacker to use a flaw in the password-management system Read More …
Security researchers have observed ongoing internet scans and exploitation attempts against Cisco RV320 and RV325 WAN VPN routers, two models very popular among internet service providers and large enterprises. ttacks started on Friday, January 25, after security researcher David Davidson published a proof-of-concept exploit for two Cisco Read More …
A critical and unpatched vulnerability in the widely deployed Cisco Small Business Switch software leaves the door open to remote, unauthenticated attackers gaining full administrative control over the device – and therefore the network. Cisco Small Business Switches were developed for small Read More …
Cisco revealed that it had “inadvertently” shipped an in-house exploit code that was used in test scripts as part of its TelePresence Video Communication Server and Expressway Series software. Cisco Systems revealed in a security bulletin Wednesday that it “inadvertently” Read More …
Two zero-day vulnerabilities in Bluetooth Low-Energy chips made by Texas Instruments (and used in millions of wireless access points) open corporate networks to crippling stealth attacks. Adversaries can exploit the bugs by simply being approximately 100 to 300 feet from Read More …
The Cisco security team has revealed earlier the existence of a zero-day vulnerability affecting products that run Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software. The vulnerability has been exploited in the wild, according to a security advisory the company Read More …
While remote code execution vulnerabilities are pretty common, a new one discovered in Cisco’s WebEx online and video collaboration software is definitely different. That is because users can remotely execute commands through a component of the WebEx client even when WebEx Read More …
Cisco is currently looking into its product line to determine which products and services use Linux kernel 3.9 or above, which is vulnerable to the FragmentSmack denial-of-service (DoS) bug. The networking hardware manufacturer already assembled a list of more than Read More …
Cisco has supplied a patch for its Video Surveillance Manager software to erase hardcoded default credentials for the root account. Admins responsible for appliances running Cisco’s surveillance software should urgently patch the flaw, which has a Common Vulnerability Scoring System Read More …
Cisco’s Smart Install software has become the vector for a series of infrastructure attacks and politically-motivated defacements. Cisco’s own Talos security limb reports that bad actors, some likely state-supported, have been scanning Switchzilla devices to see if they run Smart Read More …
