Skip to main content

Cisco Releases Security Updates for Multiple Products

Scheduled update addresses four High and six Medium impact vulnerabilities

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Scheduled update addresses four High and six Medium impact vulnerabilities


The following platforms are also known to be affected:

  • Cisco Duo for macOS
  • Standalone IOS XE SD-WAN Software
  • Cisco vManage
  • Cisco IOS XE ROMMON (Catalyst 3600 Series Switches, Catalyst 3800 Series Switches, Catalyst 9200 Series Switches, Catalyst 9300 Series Switches, Catalyst 9400 Series Switches, Catalyst 9500 Series Switches, Catalyst 9600 Series Switches)

Threat details

Introduction

Cisco has released nine security updates, addressing four High and six Medium vulnerabilities. The High impact vulnerabilities concern denial-of-service (DoS) and privilege escalation. An unauthenticated, remote attacker could exploit some of these vulnerabilities to take control of an affected system.


Remediation advice

Affected organisations are encouraged to review the following Cisco Security Advisories and apply the necessary updates.


Remediation steps

Type Step
Patch

Cisco Wireless LAN Controller AireOS Software FIPS Mode Denial of Service Vulnerability


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-mKGRrsCB
Patch

Cisco SD-WAN Software Privilege Escalation Vulnerabilities


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF
Patch

Cisco Catalyst 9100 Series Access Points Association Request Denial of Service Vulnerability


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-assoc-dos-EgVqtON8
Patch

Cisco SD-WAN Software Arbitrary File Corruption Vulnerability


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-privesc-cli-xkGwmqKu
Patch

Cisco Software-Defined Application Visibility and Control on Cisco vManage Authentication Bypass Vulnerability


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-avc-NddSGB8
Patch

Cisco Software-Defined Application Visibility and Control on Cisco vManage Static Username and Password Vulnerability


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdavc-ZA5fpXX2
Patch

Cisco IOS XE ROM Monitor Software for Catalyst Switches Information Disclosure Vulnerability


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-info-disc-nrORXjO
Patch

Cisco Duo for macOS Authentication Bypass Vulnerability


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-duo-macOS-bypass-uKZNpXE6
Patch

Cisco SD-WAN Arbitrary File Deletion Vulnerability


https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-arb-file-delete-VB2rVcQv


CVE Vulnerabilities

Last edited: 7 October 2022 10:37 am