#CiscoPatches

Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability

by

April 18, 2024 at 08:45AM Cisco released patches for a high-severity IMC vulnerability (CVE-2024-20295, CVSS 8.8) allowing local attackers to inject commands and gain root privileges. Another flaw (CVE-2024-20356) could let remote attackers gain root privileges. A medium-severity bug (CVE-2024-20373) in IOS and IOS XE software was also fixed. Users are urged to update their … Read more

Cisco says critical Unity Connection bug lets attackers get root

by

January 10, 2024 at 03:46PM Cisco has addressed a critical security flaw in Unity Connection, preventing unauthenticated attackers from gaining root privileges remotely. The vulnerability (CVE-2024-20272) allows execution of commands on the operating system by uploading arbitrary files. Additionally, Cisco patched ten medium-severity vulnerabilities in various products, including a command injection flaw in the WAP371 … Read more