Cisco Security Vulnerability Thread.

NashBrydges

This thread just makes it seem like Cisco is asleep at the wheel. lol

travisdh1

@NashBrydges said in Cisco Security Vulnerability Thread.:

This thread just makes it seem like Cisco is asleep at the wheel. lol

This isn't even asleep at the wheel, our interns here do security better than Cisco! This is into actively malicious territory imo.

travisdh1

Cisco ASA and FTD Software Cryptographic TLS and SSL Driver Denial of Service Vulnerability

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190710-asa-ftd-dos

Only a few ASA-5500 models affected this time.

travisdh1

All your signs are belong to us: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190717-cvdsd-wmauth

Plus the normal plethora: https://tools.cisco.com/security/center/publicationListing.x

nadnerB

https://www.itnews.com.au/news/cisco-whistleblower-gets-first-false-claims-payout-over-cyber-security-528963

Cisco Systems has agreed to settle a whistleblower’s claim that it improperly sold video surveillance software with known vulnerabilities to US federal and state governments

travisdh1

ZDNet: Patch now: Cisco IOS XE routers exposed to rare 10/10-severity security flaw.
https://www.zdnet.com/article/patch-now-cisco-ios-xe-routers-exposed-to-rare-1010-severity-security-flaw/

Been a little busy with new job and big changes in my personal life. I've missed a BUNCH of things that should be here. This is one of those that you can't ignore tho.

travisdh1

https://www.zdnet.com/article/cisco-warning-these-routers-running-ios-have-9-910-severity-security-flaw/

scottalanmiller

https://www.zdnet.com/google-amp/article/cisco-these-wi-fi-access-points-are-easily-owned-by-remote-hackers-so-patch-now/

RojoLoco

Spotted online today:

cisco security.png

travisdh1

@RojoLoco said in Cisco Security Vulnerability Thread.:

Spotted online today:

Please tell me you have the link to send me? I have to post on that one!

travisdh1

I've been way too busy to keep up with this lately, but just spotted this little doozy.

https://www.zdnet.com/article/cisco-critical-bugs-nexus-data-center-switch-software-needs-patching-now/

DustinB3403

Another one.

https://arstechnica.com/information-technology/2020/01/unpatched-citrix-vulnerability-now-exploited-patch-weeks-away/

coliver

@DustinB3403 said in Cisco Security Vulnerability Thread.:

Another one.

https://arstechnica.com/information-technology/2020/01/unpatched-citrix-vulnerability-now-exploited-patch-weeks-away/

That's Citrix.

DustinB3403

@coliver said in Cisco Security Vulnerability Thread.:

@DustinB3403 said in Cisco Security Vulnerability Thread.:

Another one.

https://arstechnica.com/information-technology/2020/01/unpatched-citrix-vulnerability-now-exploited-patch-weeks-away/

That's Citrix.

whoops