Blog
Share This Post
[ad_1]
Patches have been issued by Cisco for several security flaws impacting its products, the most severe of which are a pair of critical vulnerabilities in the Smart Licensing Utility, tracked as CVE-2024-20439 and CVE-2024-20440, reports SecurityWeek.
Threat actors could leverage CVE-2024-20439 via static credentials to facilitate the compromise of targeted systems with administrative privileges while intrusions involving CVE-2024-20440 could enable the acquisition of log files with credentials and other sensitive details, according to an advisory from Cisco. Also addressed by Cisco were a high-severity code execution vulnerability in the Meraki Systems Manager agent for Windows, as well as medium-severity bugs in Duo Epic for Hyperdrive, Expressway Edge, and the Identity Services Engine. Abuse of the ISE flaw, tracked as CVE-2024-20469, could permit operating system command injections and privilege escalation. “This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command,” said Cisco.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
