Cisco Releases Advisories for Multiple Products

Original release date: January 21, 2021

Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

CISA encourages users and administrators to review the following Cisco Advisories and apply the necessary updates:

• Cisco SD-WAN Command Injection Vulnerabilities [cisco-sa-sdwan-cmdinjm-9QMSmgcn]
• Cisco SD-WAN Buffer Overflow Vulnerabilities cisco-sa-sdwan-bufovulns-B5NrSHbj
• Cisco DNA Center Command Runner Command Injection Vulnerability cisco-sa-dnac-cmdinj-erumsWh9
• Cisco Smart Software Manager Satellite Web UI Command Injection Vulnerabilities cisco-sa-cssm-multici-pgG5WM5A

Source link