- Mar 24, 2023
- 1 min read

Cisco Releases new Security Advisory for Multiple Products

On march the 22nd of the current month, Cisco released a new Security Advisory that affects several Cisco Products. Most vulnerabilities addressed allow remote threat actors to be able to exploit these vulnerabilities to gain control of an affected device.

Here's a list of the vulnerabilities:

Cisco IOS XE Software Virtual Fragmentation Reassembly Denial of Service Vulnerability

Cisco IOS XE Software IOx Application Hosting Environment Privilege Escalation Vulnerability

Cisco IOS XE SD-WAN Software Command Injection Vulnerability

Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability

Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability

Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability

Cisco DNA Center Privilege Escalation Vulnerability

Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability

Cisco Access Point Software Association Request Denial of Service Vulnerability

We can find the following devices amongts the affected by the afore aforementioned vulnerabilities:

1000 Series Integrated Services Routers (ISRs)	ASR 1000 Series Aggregation Services Routers
4000 Series ISRs	Catalyst 8000 Edge Platforms Family
Cloud Services Router (CSR) 1000V Series	Business 150 APs and 151 Mesh Extenders
Catalyst 9100 APs	Catalyst 8000V Edge Software Routers
Catalyst 8200 Series Edge Platforms	Catalyst 8300 Series Edge Platforms
Catalyst 8500L Series Edge Platforms	Cisco IOS XE Software releases 17.9.1, 17.9.1a, or 17.9.1w and have a tunnel interface configured.

We highly recomend checking the release for more information and affected devices / IOS Versions.

Cisco Releases new Security Advisory for Multiple Products

Recent Posts

Subscribe to Our Newsletter