Cisco Releases Security Updates for Multiple Products

Threat ID:: CC-3759
Threat Severity:: Information only
Published:: 19 February 2021 11:28 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Affected platforms

The following platforms are known to be affected:

A wide range of Cisco products, please refer to advisories linked below for more information

Threat details

Introduction

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Remediation advice

Organisations are encouraged to review the following Cisco Advisories and apply the necessary updates:

Cisco Security Manager Java Deserialization Vulnerabilities cisco-sa-csm-java-rce-mWJEedcD
Cisco IOS XR Software Slow Path Forwarding Denial of Service Vulnerability cisco-sa-xr-cp-dos-ej8VB9QY
Cisco SD-WAN Software Privilege Escalation Vulnerability cisco-sa-vepescm-BjgQm4vJ
Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021 cisco-sa-sudo-privesc-jan2021-qnYQfcM
Cisco AnyConnect Secure Mobility Client for Windows with VPN Posture (HostScan) Module DLL Hijacking Vulnerability cisco-sa-anyconnect-dll-hijac-JrcTOQMC

In addition to the specific advisories listed above, further advisories addressing lower severity vulnerabilities can be found on the Cisco Security Advisories page.

Last edited: 24 February 2021 4:04 pm