MA-984.112023: MyCERT Advisory - Cisco Releases Security Advisories for Multiple Products

  • 10 Nov 2023
  • Advisory
  • cisco, update, vulnerability

1.0 Introduction

Recently, Cisco released security advisories for vulnerabilities affecting multiple Cisco products.

2.0 Impact
A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

3.0 Affected Products

  • Cisco Firepower Management Center Software
  • Cisco Identity Services Engine
  • Cisco Firepower Threat Defense Software for Cisco Firepower 2100 Series Firewalls
  • Cisco Firepower Threat Defense Software
  • Cisco Firepower Threat Defense Software and Firepower Management Center Software 
  • Cisco Firepower Management Center Software
  • Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software 

4.0 Recommendations
MyCERT encourages users and administrators to review the following advisories and apply the necessary updates:

For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:

E-mail: cyber999[at]cybersecurity.my 
Phone: 1-300-88-2999 (monitored during business hours) 
Mobile: +60 19 2665850 (24x7 call incident reporting) 
Business Hours: Mon - Fri 09:00 -18:00 MYT 
Web: https://www.mycert.org.my 
Twitter: https://twitter.com/mycert 
Facebook: https://www.facebook.com/mycert.org.my

5.0    References
https://www.cisa.gov/news-events/alerts/2023/11/03/cisco-releases-security-advisories-multiple-products

MA-974.092023: MyCERT Advisory - Cisco Security Advisories Published on 27 September 2023

  • 29 Sep 2023
  • Advisory
  • cisco, ios, zero day, update

1.0 Introduction

Recently, Cisco has released security advisories for vulnerabilities affecting multiple Cisco products.

2.0 Impact
A remote cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.

3.0 Affected Products
Multiple Cisco products.

4.0 Recommendations
MyCERT encourages users and administrators to review the following advisories and apply the necessary updates:

1) Cisco Catalyst SD-WAN Manager Vulnerabilities - SIR: Critical
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-vman-sc-LRLfu2z

2) Cisco IOS XE Software Web UI Command Injection Vulnerability - SIR: High
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdij-FzZAeXAy

3) Cisco IOS XE Software Layer 2 Tunneling Protocol Denial of Service Vulnerability - SIR: High
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-l2tp-dos-eB5tuFmV

4) Cisco IOS XE Software Application Quality of Experience and Unified Threat Defense Denial of Service Vulnerability - SIR: High
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-appqoe-utd-dos-p8O57p5y

5) Cisco DNA Center API Insufficient Access Control Vulnerability - SIR: High
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-ins-acc-con-nHAVDRBZ

6) Cisco IOS XE Software for ASR 1000 Series Aggregation Services Routers IPv6 Multicast Denial of Service Vulnerability - SIR: High
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mlre-H93FswRz

7) Cisco IOS XE Software for Catalyst 3650 and Catalyst 3850 Series Switches Denial of Service Vulnerability - SIR: High
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cat3k-dos-ZZA4Gb3r

8) Cisco IOS and IOS XE Software Command Authorization Bypass Vulnerability - SIR: High
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-aaascp-Tyj4fEJm

9) Cisco IOS and IOS XE Software Cisco Group Encrypted Transport VPN Software Out-of-Bounds Write Vulnerability - SIR: Medium
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-getvpn-rce-g8qR68sx

10) Cisco Wireless LAN Controller AireOS Software Denial of Service Vulnerability - SIR: Medium
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cbw-dos-YSmbUqX3

11) Cisco IOS XE Software for Wireless LAN Controllers Wireless Network Control Denial of Service Vulnerability - SIR: Medium
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-HFGMsfSD

12) Cisco Catalyst 9100 Access Points Denial of Service Vulnerability - SIR: Medium
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-click-ap-dos-wdcXkvnQ

13) Cisco Access Point Software Uncontrolled Resource Consumption Vulnerability - SIR: Medium
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-dos-capwap-DDMCZS4m

14) Cisco Catalyst SD-WAN Manager Web UI HTML Injection Vulnerability - SIR: Medium
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-html-3ZKh8d6x
 

Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:

E-mail: cyber999[at]cybersecurity.my 
Phone: 1-300-88-2999 (monitored during business hours) 
Mobile: +60 19 2665850 (24x7 call incident reporting) 
Business Hours: Mon - Fri 09:00 -18:00 MYT 
Web: https://www.mycert.org.my 
Twitter: https://twitter.com/mycert 
Facebook: https://www.facebook.com/mycert.org.my

5.0    References

MA-969.092023: MyCERT Advisory - Cisco Releases Security Advisories for Multiple Products

  • 16 Sep 2023
  • Advisory
  • cisco, update

1.0 Introduction

Recently, Cisco has released security advisories to address vulnerabilities affecting multiple Cisco products.

2.0 Impact
A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system or cause a denial-of service condition. 

3.0 Affected Products

4.0 Recommendations
MyCERT encourages users and administrators to review the following advisories and apply the necessary updates.

Kindly refer to the following:

Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:

E-mail: cyber999[at]cybersecurity.my 
Phone: 1-300-88-2999 (monitored during business hours) 
Mobile: +60 19 2665850 (24x7 call incident reporting) 
Business Hours: Mon - Fri 09:00 -18:00 MYT 
Web: https://www.mycert.org.my 
Twitter: https://twitter.com/mycert 
Facebook: https://www.facebook.com/mycert.org.my

5.0    References
https://www.cisa.gov/news-events/alerts/2023/09/07/cisco-releases-security-advisories-multiple-products
 

MA-958.082023: MyCERT Advisory - Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability

  • 05 Aug 2023
  • Advisory
  • cisco, broadworks, commpilot, appliation, css, xss,

1.0 Introduction

Recently, a vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

2.0 Impact
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.

3.0 Affected Products
At the time of publication, this vulnerability affected the following Cisco products:

  • BroadWorks Application Delivery Platform
  • BroadWorks Application Server (AS)
  • BroadWorks Xtended Services Platform (XSP)

4.0 Recommendations
There are no workarounds that address this vulnerability. The Cisco PSIRT is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

In all cases, customers should ensure that the devices to be upgraded contain sufficient memory and confirm that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, customers are advised to contact the Cisco Technical Assistance Center (TAC) or their contracted maintenance providers.

Kindly visit https://www.cisco.com/go/psirt for more information.

Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:

E-mail: cyber999[at]cybersecurity.my 
Phone: 1-300-88-2999 (monitored during business hours) 
Mobile: +60 19 2665850 (24x7 call incident reporting) 
Business Hours: Mon - Fri 09:00 -18:00 MYT 
Web: https://www.mycert.org.my 
Twitter: https://twitter.com/mycert 
Facebook: https://www.facebook.com/mycert.org.my

5.0    References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-commpilot-xss-jC46sezF

 

MA-935.052023: MyCERT Advisory - Cisco SPA112 2-Port Phone Adapters Remote Command Execution Vulnerability

  • 08 May 2023
  • Advisory
  • cisco, vulnerability, phone, spa112

1.0 Introduction

On May 3, 2023, Cisco released an advisory to address a critical vulnerability in the web-based management system of the Cisco SPA112 2-Port Phone Adapters. The vulnerability is tracked as CVE-2023-20126 and has a CVSS score of 9.8.

2.0 Impact
A vulnerability in the web-based management interface of Cisco SPA112 2-Port Phone Adapters
could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to a missing authentication process within the firmware upgrade function. An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges.

There are currently no reports yet of an active exploitation of this vulnerability.

3.0 Affected Products
This vulnerability affects all firmware releases for Cisco SPA112 2-Port Phone Adapters.

Moreover, Cisco has not released and will not release firmware updates to address the vulnerability, because Cisco SPA112 2-Port Phone Adapters have entered the end of-life process and are no longer supported.

4.0 Recommendations
MyCERT encourage constituents to discontinue using the product, as well as verify if any other similar – possibly also no longer supported – products are in use.

Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:

E-mail: cyber999[at]cybersecurity.my 
Phone: 1-300-88-2999 (monitored during business hours) 
Mobile: +60 19 2665850 (24x7 call incident reporting) 
Business Hours: Mon - Fri 09:00 -18:00 MYT 
Web: https://www.mycert.org.my 
Twitter: https://twitter.com/mycert 
Facebook: https://www.facebook.com/mycert.org.my

5.0    References

MA-934.042023: MyCERT Advisory - Cisco Releases Security Advisories for Multiple Products

  • 25 Apr 2023
  • Advisory
  • cisco, security, update

1.0 Introduction

Recently, Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling Labs, StarOS Software, and BroadbandWorks Network Server.

2.0 Impact
A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

3.0 Affected Products

  • Industrial Network Director (IND) 
  • Modeling Labs
  • StarOS Software
  • BroadbandWorks Network Server.

4.0 Recommendations
MyCERT encourages users and administrators to review the following advisories and apply the necessary updates.

For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.

Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:

E-mail: cyber999[at]cybersecurity.my 
Phone: 1-300-88-2999 (monitored during business hours) 
Mobile: +60 19 2665850 (24x7 call incident reporting) 
Business Hours: Mon - Fri 09:00 -18:00 MYT 
Web: https://www.mycert.org.my 
Twitter: https://twitter.com/mycert 
Facebook: https://www.facebook.com/mycert.org.my

5.0    References
https://www.cisa.gov/news-events/alerts/2023/04/21/cisco-releases-security-advisories-multiple-products

MA-895.122022: MyCERT Advisory - Cisco Releases Security Advisory for IP Phone 7800 and 8800 Series

  • 12 Dec 2022
  • Advisory
  • cisco, ip phone, update

1.0 Introduction

Recently, Cisco released a security advisory for a vulnerability affecting IP Phone 7800 and 8800 Series. 

2.0 Impact
A remote attacker could exploit this vulnerability to cause a denial-of-service condition. A vulnerability in the Cisco Discovery Protocol processing feature of Cisco IP Phone 7800 and 8800 Series firmware could allow an unauthenticated, adjacent attacker to cause a stack overflow on an affected device.

This vulnerability is due to insufficient input validation of received Cisco Discovery Protocol packets. An attacker could exploit this vulnerability by sending crafted Cisco Discovery Protocol traffic to an affected device. A successful exploit could allow the attacker to cause a stack overflow, resulting in possible remote code execution or a denial of service (DoS) condition on an affected device.

3.0 Affected Products

  • IP Phone 8800 Series (except Cisco Wireless IP Phone 8821)
  • IP Phone 7800 Series

4.0 Recommendations
MyCERT encourages users and administrators to review Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol Stack Overflow Vulnerability and apply the necessary updates.

Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:

E-mail: cyber999[at]cybersecurity.my 
Phone: 1-300-88-2999 (monitored during business hours) 
Mobile: +60 19 2665850 (24x7 call incident reporting) 
Business Hours: Mon - Fri 09:00 -18:00 MYT 
Web: https://www.mycert.org.my 
Twitter: https://twitter.com/mycert 
Facebook: https://www.facebook.com/mycert.org.my

5.0    References

MA-891.112022: MyCERT Advisory - Cisco Releases Security Updates for Identity Services Engine

  • 17 Nov 2022
  • Advisory
  • cisco, security, update, ise, vulnerability

1.0 Introduction

Recently, Cisco has released security updates for vulnerabilities affecting Cisco Identity Services Engine (ISE).

2.0 Impact
A remote attacker could exploit some of these vulnerabilities to bypass authorization and access system files.

3.0 Affected Products
Cisco Identity Services Engine (ISE)

4.0 Recommendations
For updates addressing vulnerabilities, see the Cisco Security Advisories page.   

MyCERT encourages users and administrators to review the following advisories and apply the necessary updates:

Generally, MyCERT advises the users of these devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:

E-mail: cyber999[at]cybersecurity.my 
Phone: 1-300-88-2999 (monitored during business hours) 
Mobile: +60 19 2665850 (24x7 call incident reporting) 
Business Hours: Mon - Fri 09:00 -18:00 MYT 
Web: https://www.mycert.org.my 
Twitter: https://twitter.com/mycert 
Facebook: https://www.facebook.com/mycert.org.my

5.0    References
https://www.cisa.gov/uscert/ncas/current-activity/2022/11/16/cisco-releases-security-updates-identity-services-engine

MA-887.112022: MyCERT Advisory - Cisco Releases Security Updates for Multiple Products

  • 11 Nov 2022
  • Advisory
  • cisco, update, vulnerability, security

1.0 Introduction

Recently, Cisco has released security updates to address vulnerabilities in multiple Cisco products.

2.0 Impact
A remote attacker could exploit?some?of these vulnerabilities to take control of an affected system.

3.0 Affected Products
•    Cisco Adaptive Security Appliance Software
•    Cisco Secure Firewall 3100 Series
•    Cisco Firepower Threat Defense Software
•    Cisco FirePOWER Software for ASA FirePOWER Module, Firepower Management Center Software, and NGIPS Software

4.0 Recommendations
MyCERT encourages users and administrators to review the following advisories and apply the necessary updates:

•    Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SSL/TLS Client Denial of Service Vulnerability cisco-sa-ssl-client-dos-cCrQPkA
•    Cisco Secure Firewall 3100 Series Secure Boot Bypass Vulnerability cisco-sa-fw3100-secure-boot-5M8mUh26
•    Cisco Firepower Threat Defense Software Generic Routing Encapsulation Denial of Service Vulnerability cisco-sa-ftd-gre-dos-hmedHQPM
•    Cisco FirePOWER Software for ASA FirePOWER Module, Firepower Management Center Software, and NGIPS Software SNMP Default Credential Vulnerability cisco-sa-fmcsfr-snmp-access-6gqgtJ4S
•    Cisco Firepower Management Center and Firepower Threat Defense Software SSH Denial of Service Vulnerability cisco-sa-fmc-dos-OwEunWJN
•    Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software SNMP Denial of Service Vulnerability cisco-sa-asaftd-snmp-dos-qsqBNM6x
•    Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Dynamic Access Policies Denial of Service Vulnerability cisco-sa-theseasa-ftd-dap-dos-GhYZBxDU

Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:

E-mail: cyber999[at]cybersecurity.my 
Phone: 1-300-88-2999 (monitored during business hours) 
Mobile: +60 19 2665850 (24x7 call incident reporting) 
Business Hours: Mon - Fri 09:00 -18:00 MYT 
Web: https://www.mycert.org.my 
Twitter: https://twitter.com/mycert 
Facebook: https://www.facebook.com/mycert.org.my

5.0    References
https://www.cisa.gov/uscert/ncas/current-activity/2022/11/10/cisco-releases-security-updates-multiple-products

MA-884.112022: MyCERT Advisory - Cisco Releases Security Updates for Multiple Products

  • 04 Nov 2022
  • Advisory
  • cisco, security, update

1.0 Introduction
Recently, Cisco has released security updates for vulnerabilities affecting multiple products.

2.0 Impact
A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

3.0 Affected Products
Cisco is investigating its product line to determine which products and cloud services may be affected by these vulnerabilities. If a product or cloud offer is not explicitly listed in the advisory, it is not vulnerable.

4.0 Recommendations
For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page

MyCERT encourages users and administrators to review the advisories and apply the necessary updates.

Generally, MyCERT advises the users of this devices to be updated with the latest security announcements by the vendor and follow best practice security policies to determine which updates should be applied.

For further enquiries, please contact MyCERT through the following channels:

E-mail: cyber999[at]cybersecurity.my 
Phone: 1-300-88-2999 (monitored during business hours) 
Mobile: +60 19 2665850 (24x7 call incident reporting) 
Business Hours: Mon - Fri 09:00 -18:00 MYT 
Web: https://www.mycert.org.my 
Twitter: https://twitter.com/mycert 
Facebook: https://www.facebook.com/mycert.org.my

5.0    References

Showing 1-10 of 19 items.
(not set)
(not set)
(not set)
(not set)
(not set)
(not set)
(not set)
(not set)
(not set)
(not set)