Cisco Releases Security Updates for Multiple Products
Affected platforms
The following platforms are known to be affected:
Cisco Prime Licence Manager Versions: 11.5(1)SU6 and earlier, or 10.5(2)SU9 and earlier
Cisco RV110W Wireless-N VPN Firewall Versions: all prior to Release 1.2.2.8
Cisco RV130 VPN Router Versions: all
Cisco RV130W Wireless-N Multifunction VPN Router Versions: all
Cisco RV215W Wireless-N VPN Router Versions: all prior to Release 1.3.1.7
Threat details
Introduction
Cisco has released security updates to address vulnerabilities affecting multiple products. An unauthenticated, remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Remediation advice
Users and administrators are encouraged to review the following Cisco advisories and apply and relevant updates. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories archive.
Remediation steps
| Type | Step |
|---|---|
| Patch |
Small Business RV110W Wireless-N VPN Firewall Static Default Credential Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv110w-static-cred-BMTWBWTy |
| Patch |
Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-rce-AQKREqp |
| Patch |
RV110W, RV130, RV130W, and RV215W Routers Authentication Bypass Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-rv-auth-bypass-cGv9EruZ |
| Patch |
RV110W and RV215W Series Routers Arbitrary Code Execution Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-code-exec-wH3BNFb |
| Patch |
Cisco Prime License Manager Privilege Escalation Vulnerability https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cisco-prime-priv-esc-HyhwdzBA |
Last edited: 16 July 2020 12:58 pm