A high severity vulnerability exists within the Cisco Secure Client Software for Windows and Cisco AnyConnect Secure Mobility Client Software for Windows. This elevation of privileges flaw could enable an attacker to have SYSTEM level privileges to carry out further attacks on vulnerable systems. The Cisco Secure Client and Cisco AnyConnect Secure Mobility Client products […]
High Severity Cisco Elevation of Privileges Flaw Read More »
Cisco Prime Collaboration Deployment software has been found to have a zero-day vulnerability that could allow for cross-site scripting attacks to take place. The Cisco Prime Collaboration Deployment application is a server management tool which can assist in the migration of older software version clusters to new virtual machines, as well as performing fresh installs,
Cisco Zero-Day Cross-Site Scripting Vulnerability Read More »
Unpatched Cisco IOS routers are being targeted by Russian state-backed threat actor APT28 to deploy ‘Jaguar Tooth’ malware by exploiting a vulnerability from 2017. The National Cyber Security Centre (NCSC) have published a malware analysis report investigating this non-persistent malware recently seen to be infecting Cisco IOS routers using firmware C5350-IS-M version 12.3(6). A joint
NCSC Warn of Jaguar Tooth Malware on Cisco Routers Read More »
Two new vulnerabilities have been disclosed on end-of-life Cisco RV Series small business routers. These vulnerabilities can be exploited individually or chained into an attack that allows for remote attackers to gain root access to the operating system where they can then execute arbitrary code. The affected devices are RV016 Multi-WAN VPN Routers, RV042 Dual
Critical Authentication Bypass in Cisco Routers Read More »
A zero-day vulnerability has been identified in the Cisco Discovery Protocol processing feature of Cisco IP Phone series 7800 and 8800 firmware. Although a security advisory has been released by Cisco that discloses this high severity flaw, they have not yet released an update to patch it. An update is due to be released in
Cisco IP Phone Zero-Day Vulnerability Disclosed Read More »
A zero-day vulnerability with a critical 9.8/10 severity rating has been identified in four Cisco Small Business RV Series Routers. These vulnerable products are RV110W Wireless-N VPN Firewall, RV130 VPN Router, RV130W Wireless-N Multifunction VPN Router, and RV215W Wireless-N VPN Router. These routers are listed as end-of-life products, and so Cisco have stated that they
Cisco Small Business Routers Vulnerable to Attack Read More »
Cisco and Pulse Secure have both issued security advisories warning of critical Remote Code Execution vulnerabilities that affect some of their VPN servers. Pulse Secure Pulse Secure has shipped a patch to resolve several Remote Code Execution vulnerabilities in its Connect Secure VPN appliances. The August release addresses these issues and the vendor ‘strongly advises’
VPN insecurity woes continue for Pulse Secure and Cisco Read More »
This week both SonicWall and Cisco have released patches for critical vulnerabilities in their networking products. SonicWall zero day The SonicWall vulnerability (CVE-2021-20016) is a zero-day under active attack – in fact it was used to breach SonicWall’s own network in January according to their security advisory. The flaw affects SonicWall SMA 100 series devices
SonicWall and Cisco patch critical vulnerabilities Read More »
Several critical switch vulnerabilities that could allow an attacker to break network segmentation have been patched by Cisco. Dubbed CDPwn by the researchers at Armis who discovered the flaws, the vulnerabilities exists in a Level 2 networking protocol called Cisco Discovery Protocol (CDP). Network segmentation is an effective security strategy that isolates data and systems
Cisco patches critical switch flaws Read More »
HP has issued a critical firmware update for a large number of their SSD drives which will fail after 32768 hours of operation. The defect in the firmware for the SSD drives will cause them to fail and all data on the drive to be permanently lost after 32,768 hours of operation. That’s 3 years,
Integer overflow flaw hits HP SSD Read More »
SecureTeam Ltd,
Kemp House, 152 City Road,
London,
EC1V 2NX
10257784
GB 249480968
SecureTeam Ltd, Kemp House, 152 City Road,
London, EC1V 2NX
Mon – Fri: 09:00 – 17:00
Company Number: 10257784
VAT Registration No: GB 249480968
© SecureTeam 2023. All rights reserved.