Quick Hits

'Patch ASAP': Cisco Issues Updates for Routers, VPN Firewall

Cisco issues five critical security patches among a batch of some 31 updates.

Amid a week punctuated by high-profile critical security vulnerability disclosures from Microsoft and Oracle, Cisco Systems today released 31 security patches that include critical ones for some of its router products.

In a tweet today announcing the Cisco release, US-CERT recommended users to "Patch ASAP!"

The critical flaws included in the patch release are a static default credential vuln in Cisco's Small Business RV110W Wireless-N VPN Firewall; a remote command execution vuln in its Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface; an authentication bypass vuln in its RV110W, RV130, RV130W, and RV215W routers; an arbitrary code execution vuln in its RV110W and RV215W Series routers; and a privilege escalation vuln in the Cisco Prime License Manager.

"An unauthenticated, remote attacker could exploit some of these vulnerabilities to take control of an affected system," US-CERT wrote it its advisory.

Read Cisco's advisories here.  




Register now for this year's fully virtual Black Hat USA, scheduled to take place August 1–6, and get more information about the event on the Black Hat website. Click for detail on conference information and to register.

Editors' Choice
Nathan Eddy, Contributing Writer, Dark Reading
Jai Vijayan, Contributing Writer, Dark Reading
Andrada Fiscutean, Contributing Writer, Dark Reading