Cisco Archives - Securezoo

Cisco released security advisory for OpenSSL vulnerabilities affecting Cisco products

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / November 5, 2022 / Cisco, CVE-2022-3602, CVE-2022-3786, IOT, OpenSSL, X.509

Cisco has released a security advisory for OpenSSL vulnerabilities affecting Cisco products.

CISA adds 8 vulnerabilities to Known Exploited Vulnerabilities Catalog (to include iOS and Chrome zero-days)

Security Updates & Patches, Vulnerabilities & Exploits, Zero-days / By Frank Crast / October 30, 2022 / AnyConnect, Chrome 107, Cisco, CVE-2018-19320, CVE-2018-19321, CVE-2018-19322, CVE-2018-19323, CVE-2020-3153, CVE-2020-3433, CVE-2022-3723, CVE-2022-42827, Gigabyte, iOS

The Cybersecurity and Infrastructure Security Agency (CISA) has added 8 vulnerabilities to its Known Exploited Vulnerabilities Catalog, to include Apple iOS, Google Chrome, Cisco AnyConnect Secure, and Gigabyte vulnerabilities.

Cisco patched 3 Nexus Dashboard Unauthorized Access Vulnerabilities

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 25, 2022 / Cisco, CVE-2022-20857, CVE-2022-20858, CVE-2022-20861, Nexus

Cisco has released a Critical severity security advisory for three Nexus Dashboard unauthorized access vulnerabilities.

ZuoRAT targets SOHO devices to launch sophisticated multi-stage cyber attacks

Cybersecurity Attacks, Malware, Network Security / By Frank Crast / July 8, 2022 / ASUS, Black Lotus Labs, Cisco, CVE-2020-26878, CVE-2020-26879, Cybersecurity Attack, Cybersecurity Threat Center, DrayTek, Lumen, NETGEAR, Python, Small Office, SOHO, ZuoRAT

Threat actors are using a multi-stage malware dubbed ZuoRAT to exploit small office/home office (SOHO) routers and launch sophisticated attacks against North American and European networks.

Cisco patches Critical Cisco Expressway Series and Cisco TelePresence Video Communication Server vulnerabilities

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / July 7, 2022 / Cisco, CVE-2022-20812, CVE-2022-20813, TelePresence

Cisco has released a Critical severity security advisory for Cisco Expressway Series and Cisco TelePresence Video Communication Server vulnerabilities (CVE-2022-20812 and CVE-2022-20813).

PRC state-sponsored cyber actors routinely exploit these 16 network device vulnerabilities

Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / June 8, 2022 / CISA, Cisco, Citrix, CVE-2017-6862, CVE-2018-0171, CVE-2018-13382, CVE-2018-14847, CVE-2019-11510, CVE-2019-15271, CVE-2019-1652, CVE-2019-16920, CVE-2019-19781, CVE-2019-7192, CVE-2019-7193, CVE-2019-7194, CVE-2019-7195, CVE-2020-29583, CVE-2020-8515, CVE-2021-22893, FBI, MicroTik, NETGEAR, NSA, Pulse, QNAP, SOHO, ZyXEL

The FBI, NSA and CISA coauthored a joint Cybersecurity Advisory detailing how People’s Republic of China (PRC) state-sponsored cyber actors continue to exploit publicly known vulnerabilities to gain access to a broad network of compromised infrastructure.

Cisco issues security updates for Spring Framework, Firepower and IOS XR software

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / April 29, 2022 / Cisco, Firepower, IOS XR, Spring, Spring4Shell

Cisco has released a security updates for Spring Framework (“Spring4Shell”), Firepower Management Center (FMC) and IOS XR software that address Critical and High severity vulnerabilities.

Cisco issues Critical security updates for Spring Framework vulnerability

Network Security, Security Updates & Patches, Vulnerabilities & Exploits / By Frank Crast / April 14, 2022 / Cisco, CVE-2022-22965, Spring, Spring4Shell, VMware

Cisco has issued an updated Critical security advisory for a Spring Framework vulnerability CVE-2022-22965 that affects multiple Cisco products. The networking giant also released a security update for a Critical LAN wireless controller vulnerability.

CISA adds 95 vulnerabilities to Known Exploited Vulnerabilities Catalog

Vulnerabilities & Exploits / By Frank Crast / March 4, 2022 / Cisco, CVE-2019-16928, CVE-2020-1938, CVE-2022-20699, CVE-2022-20700, CVE-2022-20701, CVE-2022-20703, CVE-2022-20708, Exim, Ghostcat, NSA, Routers, Sandworm, Small Business

The Cybersecurity and Infrastructure Security Agency (CISA) has added 95 vulnerabilities to its Known Exploited Vulnerabilities Catalog. Recent additions include Apache Tomcat “Ghostcat”, Exim and Cisco Small Business RV routers, among others.

Cisco patches High risk Email Security Appliance DNS Verification DoS vulnerability

Network Security, Vulnerabilities & Exploits / By Frank Crast / February 25, 2022 / Cisco, CVE-2021-1586, CVE-2022-20623, CVE-2022-20624, CVE-2022-20650, CVE-2022-20653, DANE, DNS, DOS, ESA, Nexus, NX-OS

Cisco has released a High risk security advisory for an Email Security Appliance DNS Verification Denial of Service (DoS) vulnerability, as well as several other vulnerabilities in Nexus switches and NX-OS software.