September 27, 2023

Cisco has addressed multiple vulnerabilities in its products, including high-risk flaws in Webex Player, SD-WAN software, and ASR 5000 series software.

The IT giant fixed three high-severity vulnerabilities (CVE-2021-1503, CVE-2021-1526, CVE-2021-1502) affecting Webex Player for Windows and macOS. Both CVE-2021-1502, CVE-2021-1503 are memory corruption vulnerabilities that impact the Webex Network Recording Player and Webex Player releases 41.4 and later.

The CVE-2021-1526 is a memory corruption issue that attackers could exploit to execute arbitrary code on an affected system. The flaw could be exploited through rigged Webex Recording Format (WRF) files affects Cisco WebEx Player

The company also addressed a high risk vulnerability, tracked as CVE-2021-1528, in SD-WAN software. An attacker could exploit the vulnerability to gain elevated privileges on a vulnerable system.

The flaw affects SD-WAN versions 20.4 and 20.5 (vBond Orchestrator, vEdge Cloud and vEdge Routers, vManage, and vSmart Controller).

Cisco also patched two authorization bypass issues, tracked as CVE-2021-1539 and CVE-2021-1540, in ASR 5000 series software (StarOS) that could allow attackers to bypass authorization and execute CLI commands on an affected machine.

Tags:

Leave a Reply

You may have missed

BORN Canada latest victim of MoveIT data breach

September 27, 2023

Hardware Supply Chain Risk Assessment from CISA

September 27, 2023

Sony attack – Ransomed.vc claims responsibility

September 26, 2023

Chrome Zeroday – CVE-2023-4863 PoC Exploit Released

September 25, 2023

BlackCat adds Clarion to its Victim list

September 24, 2023

TheCyberThrone Security Week In Review – September 23, 2023

September 24, 2023
%d bloggers like this: