Cisco retter sårbarheder

Cisco har udsendt sikkerhedsopdateringer, der adresserer sårbarheder i flere produkter fra virksomheden.

En ekstern angriber kan potentielt udnytte de værste af disse til at overtage kontrollen over sårbare systemer.

Cybersecurity and Infrastructure Security Agency (CISA) anbefaler, at både brugere og administratorer gennemser de følgende advarsler og installerer de nødvendige opdateringer:

• Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability
• Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Command Injection Vulnerability
• Cisco TelePresence Collaboration Endpoint and RoomOS Software Denial of Service Vulnerabilities
• Cisco TelePresence Collaboration Endpoint, TelePresence Codec, and RoomOS Software Privilege Escalation Vulnerability
• Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities
• Cisco Wireless LAN Controller HTTP Parsing Engine Denial of Service Vulnerability
• Cisco Web Security Appliance Unauthorized Device Reset Vulnerabilit

Anbefaling:

Opdater altid dine produkter med de nyeste rettelser fra producenten. Anvend brugerkonti uden administrative rettigheder, hvis det er muligt.

Links:

• Cisco Releases Security Updates, advarsel fra US-CERT.
• Cisco Security Advisories, information fra Cisco.
• Flere sårbarheder i Cisco WebEx, nyhed fra DKCERT.