Cisco Releases Security Updates for Multiple Products

Original release date: September 9, 2021

Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

CISA encourages users and administrators to review the following Cisco advisories and apply the necessary updates:

• Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability cisco-sa-npspin-QypwdhFD
• Cisco IOS XR Software IP Service Level Agreements and Two-Way Active Measurement Protocol Denial of Service Vulnerability cisco-sa-ipsla-ZA3SRrpP
• Cisco IOS XR Software Arbitrary File Read and Write Vulnerability cisco-sa-iosxr-scp-inject-QwZOCv2
• Cisco IOS XR Software Authenticated User Privilege Escalation Vulnerabilities cisco-sa-iosxr-privescal-dZYMrKf

Source link