Cisco released security updates to address vulnerabilities in Cisco software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following advisories and apply necessary updates:

Cisco Secure Email Gateway Arbitrary File Write Vulnerability
Cisco Smart Software Manager On-Prem Password Change Vulnerability
Cisco Secure Web Appliance Privilege Escalation Vulnerability
Cisco Identity Services Engine Arbitrary File Upload Vulnerability
Cisco Intelligent Node Software Static Key Vulnerability
Cisco Webex App Vulnerabilities
Cisco RV340 and RV345 Dual WAN Gigabit VPN Routers Authenticated Remote Code Execution Vulnerability
Cisco Expressway Series Open Redirect Vulnerability
Cisco Secure Email Gateway Server-Side Template Injection Vulnerability

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

CISA and Partners Release Guidance for Exploring Memory Safety in Critical Open Source Projects

June 26, 2024 0 Comments 0 tags

Today, CISA, in partnership with the Federal Bureau of Investigation, Australian Signals Directorate’s Australian Cyber Security Centre, and Canadian Cyber Security Center, released Exploring Memory Safety in Critical Open Source

Read More

Chinese Threat Actors Deploy New TTPs to Exploit Ivanti Vulnerabilities

April 5, 2024 0 Comments 0 tags

Mandiant research details how Chinese espionage groups are deploying new tools post-exploitation of recently patched Ivanti vulnerabilities

Read More

CISA Adds Three Known Exploited Vulnerabilities to Catalog

July 17, 2024 0 Comments 0 tags

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-34102 Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity

Read More