#CiscoWarning

Cisco warns of critical RCE zero-days in end of life IP phones

by

August 8, 2024 at 05:34PM Cisco has issued a warning about critical remote code execution vulnerabilities in the web-based management interface of Small Business SPA 300 and SPA 500 series IP phones. These flaws, including buffer overflow vulnerabilities, can allow unauthenticated attackers to execute arbitrary commands. Users are urged to transition to newer, supported models … Read more

Exploit released for Cisco SSM bug allowing admin password changes

by

August 8, 2024 at 03:02PM Exploit code for a critical vulnerability in Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) is now available, allowing attackers to change any user password. The company warns of the availability of proof-of-concept exploit code but has not found evidence of attacks in the wild. Administrators must upgrade affected systems … Read more