top of page

Cisco Releases new Security Advisory for Multiple Products


 

On march the 22nd of the current month, Cisco released a new Security Advisory that affects several Cisco Products. Most vulnerabilities addressed allow remote threat actors to be able to exploit these vulnerabilities to gain control of an affected device.


Here's a list of the vulnerabilities:


Cisco IOS XE Software Virtual Fragmentation Reassembly Denial of Service Vulnerability
Cisco IOS XE Software IOx Application Hosting Environment Privilege Escalation Vulnerability
Cisco IOS XE SD-WAN Software Command Injection Vulnerability
Cisco IOS XE Software Fragmented Tunnel Protocol Packet Denial of Service Vulnerability
Cisco IOS and IOS XE Software IPv6 DHCP (DHCPv6) Relay and Server Denial of Service Vulnerability
Cisco IOS XE Software for Wireless LAN Controllers HTTP Client Profiling Denial of Service Vulnerability
Cisco DNA Center Privilege Escalation Vulnerability
Cisco IOS XE Software for Cisco Catalyst 9300 Series Switches Secure Boot Bypass Vulnerability
Cisco Access Point Software Association Request Denial of Service Vulnerability


We can find the following devices amongts the affected by the afore aforementioned vulnerabilities:




​1000 Series Integrated Services Routers (ISRs)

ASR 1000 Series Aggregation Services Routers

4000 Series ISRs

Catalyst 8000 Edge Platforms Family

Cloud Services Router (CSR) 1000V Series

Business 150 APs and 151 Mesh Extenders

Catalyst 9100 APs

Catalyst 8000V Edge Software Routers

Catalyst 8200 Series Edge Platforms

Catalyst 8300 Series Edge Platforms

Catalyst 8500L Series Edge Platforms

Cisco IOS XE Software releases 17.9.1, 17.9.1a, or 17.9.1w and have a tunnel interface configured.


We highly recomend checking the release for more information and affected devices / IOS Versions.


12 views

Recent Posts

See All

On April the 13th, CISA added two known vulnerabilities to their catalog. This time we can find a vulnerability that affects the Android Framework, by meanings of a Privilege Escalation Vulnerability.

bottom of page