CISA Activity - Cisco Releases Security Advisories for Multiple Products

Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following advisories and apply the necessary updates:

[ul]
[li]Cisco IOS XE Software Virtual Fragmentation Reassembly Denial of Service Vulnerability cisco-sa-ipv4-vfr-dos-CXxtFacb[/li][li]Cisco IOS XE Software IOx Application Hosting Environment Privilege Escalation Vulnerability cisco-sa-iox-priv-escalate-Xg8zkyPk[/li][li]Cisco IOS XE SD-WAN Software Command Injection Vulnerability cisco-sa-ios-xe-sdwan-VQAhEjYw[/li][li]Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability cisco-sa-ios-gre-crash-p6nE5Sq5[/li][li]Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability cisco-sa-ios-dhcpv6-dos-44cMvdDK[/li][li]Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability cisco-sa-ewlc-dos-wFujBHKw[/li][li]Cisco DNA Center Privilege Escalation Vulnerability cisco-sa-dnac-privesc-QFXe74RS[/li][li]Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability cisco-sa-c9300-spi-ace-yejYgnNQ[/li][li]Cisco Access Point Software Association Request Denial of Service Vulnerability cisco-sa-ap-assoc-dos-D2SunWK2[/li][/ul]

For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

Please share your thoughts. We recently updated our anonymous Product Feedback Survey; we’d welcome your feedback.

Continue reading…