Cisco Releases Security Updates for Multiple Products
Affected platforms
The following platforms are known to be affected:
A wide range of Cisco products, please refer to advisories linked below for more information
Threat details
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
Remediation advice
Organisations are encouraged to review the following Cisco Advisories and apply the necessary updates:
- Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021 cisco-sa-sudo-privesc-jan2021-qnYQfcM
- Cisco SD-WAN Command Injection Vulnerabilities cisco-sa-sdwan-cmdinjm-9QMSmgcn
- Cisco SD-WAN Denial of Service Vulnerabilities cisco-sa-sdwan-dosmulti-48jJuEUP
- Cisco SD-WAN vManage Authorization Bypass Vulnerabilities cisco-sa-sdwan-abyp-TnGFHrS
- Cisco IOS XR Software IPv6 Flood Denial of Service Vulnerability cisco-sa-xripv6-spJem78K
- Cisco IOS XR Software Enf Broker Denial of Service Vulnerability cisco-sa-iosxr-dos-WwDdghs2
- Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Image Verification Vulnerabilities cisco-sa-ioxr-l-zNhcGCBt
- Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Privilege Escalation Vulnerability cisco-sa-iosxr-pe-QpzCAePe
- Cisco DNA Center Cross-Site Request Forgery Vulnerability cisco-sa-dnac-csrf-dC83cMcV
- Cisco DNA Center Information Disclosure Vulnerability cisco-sa-dnacid-OfeeRjcn
- Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution Vulnerabilities cisco-sa-rv160-260-rce-XZeFkNHf
- Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities cisco-sa-rv160-260-filewrite-7x9mnKjn
- Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities cisco-sa-rv-overflow-ghZP68yj
- Cisco Small Business RV Series Routers Management Interface Command Injection Vulnerabilities cisco-sa-rv-command-inject-BY4c5zd
In addition to the specific advisories listed above, further advisories addressing lower severity vulnerabilities can be found on the Cisco Security Advisories page.
Last edited: 4 February 2021 1:19 pm