Skip to main content

Cisco Releases Security Updates for Multiple Products

Schedule update addresses Critical vulnerabilities in Cisco Small Business RV Routers

Report a cyber attack: call 0300 303 5222 or email carecert@nhsdigital.nhs.uk

Summary

Schedule update addresses Critical vulnerabilities in Cisco Small Business RV Routers


The following platforms are also known to be affected:

Many Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers are affected by at least one of these vulnerabilities.

RV160 VPN Routers
RV160W Wireless-AC VPN Routers
RV260 VPN Routers
RV260P VPN Routers with PoE
RV260W Wireless-AC VPN Routers
RV340 Dual WAN Gigabit VPN Routers
RV340W Dual WAN Gigabit Wireless-AC VPN Routers
RV345 Dual WAN Gigabit VPN Routers
RV345P Dual WAN Gigabit POE VPN Routers

Threat details

Introduction

Cisco has released a Critical security update to address vulnerabilities in multiple products, which include remote code execution, denial-of-service, and command injection vulnerabilities. An unauthenticated, remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Other scheduled advisories address an additional four updates rated as Medium.


Remediation advice

Affected organisations are encouraged to review the following Cisco Security Advisories and apply the necessary updates or workarounds.


Remediation steps

Type Step
Patch

Cisco Small Business RV Series Routers Vulnerabilities


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-mult-vuln-CbVp4SUR
Patch

Cisco Webex Meetings Web Interface Vulnerabilities


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-xss-frmhijck-kO3wmkuS
Patch

Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-pwd-WH64AhQF
Patch

Cisco Unified Communications Manager Arbitrary File Deletion Vulnerability


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-file-delete-N2VPmOnE
Patch

Cisco BroadWorks Application Delivery Platform Software Cross-Site Scripting Vulnerability


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broadworks-xss-xbhfr4cD


Last edited: 5 August 2022 4:36 pm