Cisco has released security updates for its flagship IOS and IOS XE operating system software for networking gear, as well as patches for its Access Point software.
Félagið er security update for Cisco IOS mitigates a total of 14 vulnerabilities, 10 of which are denial-of-service (DoS) bugs that can cause system crashes, unexpected reloads, and heap overflow. The most severe of the high-risk DoS bugs all allow exploitation by unauthenticated, remote attackers.
The other bugs allow privilege escalation, command injection, and access control list bypass.
Cisco’s Access Point Software updates are for a secure boot bypass vulnerability (CVE-2024-20265), as well as another denial of service vulnerability (CVE-2024-20271). The former is “a vulnerability in the boot process [that] could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device,” according to the advistory.
CISA issued a follow-up alert encouraging administrators to update their systems eins fljótt og hægt er.
- SEO knúið efni og PR dreifing. Fáðu magnara í dag.
- PlatoData.Network Vertical Generative Ai. Styrktu sjálfan þig. Aðgangur hér.
- PlatoAiStream. Web3 upplýsingaöflun. Þekking aukin. Aðgangur hér.
- PlatóESG. Kolefni, CleanTech, Orka, Umhverfi, Sól, Úrgangsstjórnun. Aðgangur hér.
- PlatoHealth. Líftækni og klínísk rannsóknagreind. Aðgangur hér.
- Heimild: https://www.darkreading.com/application-security/cisco-ios-bugs-unauthenticated-remote-dos-attacks
