Cisco issued new security updates to address vulnerabilities on multiple Cisco products to include WebEx, Secure Access Control System (ACS), Wireless LAN Controller (WLC), Meeting Server, and Aironet.
According to the Cisco advisory, four of the vulnerabilities were rated Critical, five rated High and eleven rated Medium severity. The critical updates are listed below:
- Critical Cisco WebEx Advanced Recording Format Remote Code Execution Vulnerability (CVE-2018-0264)
- Critical Cisco Prime File Upload Servlet Path Traversal and Remote Code Execution Vulnerability (CVE-2018-0258)
- Critical Cisco Secure Access Control System Remote Code Execution Vulnerability (CVE-2018-0253)
- Critical Cisco WebEx Clients Remote Code Execution Vulnerability (CVE-2018-0112)
Network admins are strongly advised to apply the security updates as soon as possible on affected products to prevent exploitation of vulnerabilities by attackers.