10.1 C
London
Monday, October 23, 2017
Home Tags Cisco

Tag: cisco

On October 20th, 2017, Cisco PSIRT was notified by the internal product team of a security vulnerability in the Cisco AMP For Endpoints application that would allow an authenticated, local attacker to access a static key value stored in the local a...
Cisco patched a critical bug in its Cloud Services Platform 2100 hardware and at the same time told customers 96 of its products are vulnerable to KRACK vulnerabilities.
On October 16th, 2017, a research paper with the title of "Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2" was made publicly available.

This paper discusses seven vulnerabilities affecting session key negotiation in both the Wi-Fi Protecte...
Cisco discusses Advanced Linux Sound Architecture mess before formal CVE release An advisory from Cisco issued last Friday, October 13th, gave us the heads-up on a local privilege escalation vulnerability in the Advanced Linux Sound Architecture (ALSA)...
A vulnerability in the routine that loads DLL files in Cisco Meeting App for Windows could allow an authenticated, local attacker to run an executable file with privileges equivalent to those of Cisco Meeting App. The vulnerability is due to incom...
A vulnerability in the detection engine parsing of IPv6 packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause high CPU utilization or to cause a denial of service (DoS) condition because the Snort proc...
A vulnerability in the implementation of the direct authentication feature in Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial...
A vulnerability in motherboard console ports of line cards for Cisconbsp;ASR 1000 Series Aggregation Services Routers and Cisconbsp;cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to access an affected device's...
The DHCP relay subsystem of Cisconbsp;IOS and Cisconbsp;IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system.

The attacker could also c...
A vulnerability in the implementation of the PROFINET Discovery and Configuration Protocolnbsp;(PN-DCP) for Cisconbsp;IOS Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of ser...
Microsoft, Cisco, and VMWare among those infected with additional mystery payload.
The backdoor discovered in Avast's CCleaner targeted top tech companies including Google, Microsoft, Samsung, Sony, VMware, and Cisco.