Cisco today released security updates to address critical Remote Code Execution (RCE), authentication bypasses, and default credentials that affect many routers and firewalls that could lead to full device uptake.
Cisco also issued a security update to correct a vulnerability escalation privileges in Cisco Prime License Manager software.
The five security bug fixes today received CVSS 9,8 CVSS scores, making them all critical vulnerabilities.
Remote exploitation by unauthorized intruders
They can also be used remotely by unauthorized intruders as part of low-level attacks complexity that do not require user interaction.
A complete list of all critical security issues facing Cisco today is available below, along with links to related tips security their.
"The Cisco Product Security Incident Response (PSIRT) team has not identified any malicious use of the vulnerability described in this advisory," the company said in all five advisories.
The vulnerabilities were reported in Cisco by the following external security investigators: Larryxi of XDSEC, Gyengtak Kim, Jeongun Baek and Sanghyuk Lee of GeekPwn, Quentin Kaiser and Adam Engle of AdventHealth.
Cisco also released 22 vulnerabilities High and medium security issues affecting many router models and software versions of Cisco SD-WAN Solution.