Cisco Releases Security Updates for Multiple Products

Original release date: January 14, 2021

Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page.

CISA encourages users and administrators to review the following Cisco Advisories and apply the necessary updates:

• AnyConnect Secure Mobility Client for Windows DLL Injection Vulnerability cisco-sa-anyconnect-dll-injec-pQnryXLf
• Connected Mobile Experiences Privilege Escalation Vulnerability cisco-sa-cmxpe-75Asy9k
• Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Command Injection Vulnerabilities cisco-sa-rv-command-inject-LBdQ2KRN
• Small Business RV110W, RV130, RV130W, and RV215W Routers Management Interface Remote Command Execution and Denial of Service Vulnerabilities cisco-sa-rv-overflow-WUnUgv4U

Source link