Bootloader Vulnerability Impacts Over 100 Cisco Switches

December 5, 2024 at 07:31AM Cisco has released patches for a significant vulnerability in NX-OS bootloader software (CVE-2024-20397) that could let attackers bypass image signature verification. Affecting over 100 models, the flaw requires physical access for exploitation. Cisco advises immediate updates, although no known exploits are reported. Discontinued devices will not receive patches. **Meeting Takeaways: … Read more

Decade-Old Cisco Vulnerability Under Active Exploit

December 3, 2024 at 03:41PM Cisco warns customers of a decade-old security flaw in its Adaptive Security Appliance (ASA) WebVPN, tracked as CVE-2014-2120, which is being actively exploited. This vulnerability allows unauthenticated remote attackers to conduct cross-site scripting (XSS) attacks. Customers are urged to upgrade software, as no workarounds exist. ### Meeting Takeaways 1. **Security … Read more

Cisco Warns of Attacks Exploiting Decade-Old ASA Vulnerability

December 3, 2024 at 05:58AM Cisco updated its advisory on the CVE-2014-2120 vulnerability, highlighting ongoing exploitation attempts. This medium-severity XSS flaw affects the WebVPN login page of Cisco ASA products. Customers are urged to upgrade to a patched version. The vulnerability was added to CISA’s Known Exploited Vulnerabilities catalog, prompting immediate action. ### Meeting Takeaways … Read more

Citrix, Cisco, Fortinet Zero-Days Among 2023s Most Exploited Vulnerabilities

November 13, 2024 at 10:54AM In 2023, many of the most frequently exploited vulnerabilities were initially zero-day vulnerabilities, as reported by government agencies. Notable companies affected included Citrix, Cisco, and Fortinet, highlighting ongoing security challenges organizations face in protecting their systems. ### Meeting Notes Takeaways: 1. **Top Exploits of 2023**: Most frequently exploited vulnerabilities this … Read more

Cisco Bug Could Lead to Command Injection Attacks

November 7, 2024 at 04:47PM Cisco has identified a vulnerability in its Unified Industrial Wireless Software for URWB access points, potentially allowing remote attackers to execute command injection attacks. Affected models include Catalyst IW9165D, IW9165E, and IW9167E with URWB mode enabled. Cisco has released a fix, though there’s no known public exploitation of the issue. … Read more

Cisco Patches Critical Vulnerability in Industrial Networking Solution

November 7, 2024 at 07:30AM Cisco has patched a critical vulnerability in its Unified Industrial Wireless software that could enable remote, unauthenticated attackers to execute commands with root privileges. The issue poses significant security risks to the affected systems. **Meeting Notes Takeaways:** – A critical vulnerability has been identified in Cisco Unified Industrial Wireless software. … Read more

Cisco says DevHub site leak won’t enable future breaches

November 4, 2024 at 04:16AM Cisco confirmed that non-public files downloaded by a threat actor from a misconfigured DevHub portal do not pose a risk for future breaches. While some CX Professional Services customer files were exposed, no financial or personal data was compromised. The company has since corrected the configuration and restored access. **Meeting … Read more

Cisco ASA, FTD Software Under Active VPN Exploitation

October 24, 2024 at 11:59AM Cisco has quickly released a patch for a medium-severity DoS vulnerability (CVE-2024-20481) in its VPN software, which is actively exploited. The flaw allows attackers to overload the system with authentication requests. Cisco advises updating software and implementing security measures to mitigate risks, as no workarounds are available. ### Meeting Takeaways … Read more

Cisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active Attack

October 24, 2024 at 09:03AM Cisco released updates for a critical security flaw (CVE-2024-20481) in its Adaptive Security Appliance, impacting the Remote Access VPN service. Exploitation may cause a denial-of-service (DoS). Cisco advises enabling logging and threat detection as preventive measures against brute-force attacks, while also addressing three additional vulnerabilities in its software. ### Meeting … Read more

Cisco takes DevHub portal offline after hacker publishes stolen data

October 18, 2024 at 06:24PM Cisco has taken its public DevHub portal offline due to a leak of “non-public” data by a threat actor. However, the company maintains that there is no evidence of a system breach. Here are the key takeaways from the meeting notes: 1. **DevHub Portal Taken Offline**: Cisco has removed its … Read more