Cisco Releases Security Updates for Multiple Products

Original release date: February 6, 2020

Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories webpage.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco advisories, as well Vulnerability Note #261385 from the CERT Coordination Center (CERT/CC), and apply the necessary updates:

IP Phone Remote Code Execution and Denial-of-Service Vulnerability cisco-sa-20200205-voip-phones-rce-dos
NX-OS Software Cisco Discovery Protocol Remote Code Execution Vulnerability cisco-sa-20200205-nxos-cdp-rce
Video Surveillance 8000 Series IP Cameras Cisco Discovery Protocol Remote Code Execution and Denial-of-Service Vulnerability cisco-sa-20200205-ipcameras-rce-dos
IOS XR Software Cisco Discovery Protocol Format String Vulnerability cisco-sa-20200205-iosxr-cdp-rce
FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial-of-Service Vulnerability cisco-sa-20200205-fxnxos-iosxr-cdp-dos

This product is provided subject to this Notification and this Privacy & Use policy.

Source link

admin