Cisco Releases Security Updates

Original release date: February 4, 2021

Cisco has released security updates to address vulnerabilities in Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

CISA encourages users and administrators to review the following Cisco Advisories and apply the necessary updates. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

• Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution Vulnerabilities cisco-sa-rv160-260-rce-XZeFkNHf
• Sudo Privilege Escalation Vulnerability Affecting Cisco Products: January 2021 cisco-sa-sudo-privesc-jan2021-qnYQfcM
• Cisco IOS XR Software IPv6 Flood Denial of Service Vulnerability cisco-sa-xripv6-spJem78K
• Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Arbitrary File Write Vulnerabilities cisco-sa-rv160-260-filewrite-7x9mnKjn
• Cisco Small Business RV Series Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities cisco-sa-rv-overflow-ghZP68y
• Cisco Small Business RV Series Routers Management Interface Command Injection Vulnerabilities cisco-sa-rv-command-inject-BY4c5zd
• Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Image Verification Vulnerabilities cisco-sa-ioxr-l-zNhcGCBt
• Cisco IOS XR Software for Cisco 8000 Series Routers and Network Convergence System 540 Series Routers Privilege Escalation Vulnerability cisco-sa-iosxr-pe-QpzCAePe
• Cisco IOS XR Software Enf Broker Denial of Service Vulnerability cisco-sa-iosxr-dos-WwDdghs2

Source link