Posted on Leave a comment

Multiple High Severity Vulnerabilities are Fixed by Cisco on Webex, SD-WAN & ASR 5000 Software.

Cisco has released patches for 14+ High / Medium severity vulnerabilities reported on its Webex, SD-WAN & ASR 5000 software . Patch it ASAP.

The IT giant , Cisco has fixed the 3 high severity vulnerabilities reported on the webex Player for both the Mac and Windows operating system and 2 memory corruption vulnerabilities reported on Webex Network recording player and Webex players respectively.

“A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system“, stated in the advisory released by the vendor(tracked under CVE-2021-1503,CVE-2021-1502).

“A vulnerability in Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system.” tracked under CVE-2021-1526.

The company has also released the patches for a vulnerability on SD-WAN tracked as CVE-2021-1528 which affects 20.4 and 20.5 versions, using which an attacker can gain elevated privileges on the vulnerable target.

Cisco had stated that “This vulnerability exists because the affected software does not properly restrict access to privileged processes. An attacker could exploit this vulnerability by invoking a privileged process in the affected system. A successful exploit could allow the attacker to perform actions with the privileges of the root user.”

Cisco had also released the patches for two authorization bypass vulnerabilities tracked as CVE-2021-1539 and CVE-2021-1540 on Cisco ASR 5000 Series softwares which could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device.

-–For more Cyber security news in crisp content . Please follow our site.

Leave a Reply