Cisco Announced 26 Vulnerabilities in the Last Two Days

Comments Off on Cisco Announced 26 Vulnerabilities in the Last Two Days

Cisco announced 26 vulnerabilities in over the last two days, including two critical flaws affecting core equipment that could grant attackers an avenue into networks.

The vulnerabilities CVE-2019-1625 and CVE-2019-1848  were a Cisco SD-WAN Solution privilege escalation vulnerability and a Cisco DNA Center authentication bypass vulnerability, respectively.

The privilege escalation vulnerability, CVE-2019-1625,  is caused by insufficient authorization enforcement and could allow the attacker to make configuration changes to the system as the root user.

NSA issues a warning about BlueKeep vulnerability

The authentication bypass vulnerability, CVE-2019-1848, is caused by insufficient access restriction to ports necessary for system operation and could allow an attacker to reach internal services that are not hardened for external access.

Cisco also notified users of a remote command execution vulnerability in several of its routers that can allow a remote attacker to execute arbitrary code on an affected device.

Related Articles

ABOUT US

Haxf4rall is a collective, a good starting point and provides a variety of quality material for cyber security professionals.

Our primary focus revolves around the latest tools released in the Infosec community and provide a platform for developers to showcase their skillset and current projects.

COMPANY
Live Chat
RESOURCES
Get Started
TOOLBOX
Tools Directory

2014 – 2020 | Haxf4rall.com               Stay Connected:

Facebook Twitter Google-plus Wordpress