Cisco and VMware Security Update Release
Cisco and VMware have released security updates to address critical product vulnerabilities.
Cisco and VMware have released security updates to address critical product vulnerabilities that could allow attackers to execute arbitrary code on affected systems. The most severe vulnerability is a command injection flaw in Cisco Industrial Network Director that arises due to improper input validation when uploading a Device Pack. An authenticated local attacker could exploit a medium-severity file permissions vulnerability in the same product to view sensitive information.
Cisco has also fixed another critical flaw in the external authentication mechanism of the Modeling Labs network simulation platform. Meanwhile, VMware has warned of a critical deserialization flaw impacting multiple Aria Operations for Logs versions and a high-severity command injection flaw that could allow an attacker with admin privileges to run arbitrary commands as root. As Cybersecurity experts, DataGuard recommend that users apply the updates to mitigate potential threats, as their appliances have become lucrative targets for threat actors.
Data-Guard 365 encourages users, and IT support teams to review the following advisories and apply the necessary updates.
- Industrial Network Director Click Here
- Modeling Labs Click Here
- IOS and IOS XE Click Here
- StarOS Click Here
- BroadWorks Network Server Click Here
Mike Reece, DataGuard Chief Executive Officer
DataGuard is a MSSP firm headquartered in Chicago, Illinois, with offices in Indianapolis, Atlanta, and other strategic locations across the globe. The company is a one-of-a-kind business partner whose people, processes, and technology provide invincible cyber security for a price point that pays for itself.
www.data-guard365.com / (317) 967-6767 / info@data-guard365.com
Back to Articles/Blog