Cisco Releases Multiple Security Updates

Original release date: June 18, 2020

Cisco has released security updates to address vulnerabilities affecting multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

• Webex Meetings and Cisco Webex Meetings Server Token Handling Unauthorized Access Vulnerability cisco-sa-webex-token-zPvEjKN
• Webex Meetings Desktop App URL Filtering Arbitrary Program Execution Vulnerability cisco-sa-webex-client-url-fcmpdfVY
• Webex Meetings Desktop App for Mac Update Feature Code Execution Vulnerability cisco-sa-webex-client-mac-X7vp65BL
• TelePresence Collaboration Endpoint and RoomOS Software Command Injection Vulnerability cisco-sa-tp-cmd-inj-7ZpWhvZb
• Small Business RV Series Routers Stack Overflow Arbitrary Code Execution Vulnerabilities cisco-sa-rv-routers-stack-vUxHmnNz
• Small Business RV110W, RV130, RV130W, and RV215W Series Routers Management Interface Vulnerabilities cisco-sa-rv-routers-injection-tWC7krKQ
• Small Business RV Series Routers Command Injection Vulnerabilities cisco-sa-rv-routers-Rj5JRfF8

Source link