Cisco Patches Flaws in Security Manager After Proof-of-Concept Code Released
Hundreds of TeslaPowerwall gateways exposed to hackers, Microsoft and chipmakers team to thwart sidechannel attacks, Malsmoke campaign lures visitors to adult entertainment sites, much more
Don’t miss our special report from this morning on Trump’s firing of CISA Director Chris Krebs.
As a reminder, starting in January, many of our special reports, along with our archives, will be behind a free newsletter subscription wall or a paywall. Consider signing up for a free email subscriber, and we’ll extend benefits to you before we end our free-to-all status.
Cisco published multiple security advisories concerning critical flaws in Cisco Security Manager (CSM) a week after the networking equipment maker quietly released patches with version 4.22 of the platform. The advisories came after researcher Florian Hauser (frycos) publicly disclosed proof-of-concept (PoC) code for as many as 12 security vulnerabilities affecting the web interface of CSM that makes it possible for an unauthenticated attacker to achieve remote code execution (RCE) attacks. The flaws were first disclosed three months ago, on July 13. (Ravie Lakshmanan / The Hacker News)
Related: IT Pro, ZDNet Security, Sec…
Keep reading with a 7-day free trial
Subscribe to Metacurity to keep reading this post and get 7 days of free access to the full post archives.