Search cyberveille.decio.ch

Found 7 bookmarks

Custom sorting

Critical Cisco ISE bug can let attackers run commands as root

Cisco has fixed two critical Identity Services Engine (ISE) vulnerabilities that can let attackers with read-only admin privileges bypass authorization and run commands as root.

#bleepingcomputer #EN #2025 #Bypass #Cisco #Cisco-ISE #Identity-Services-Engine #RCE #Remote-Command-Execution #Root

·bleepingcomputer.com·Feb 6, 2025

Critical Cisco ISE bug can let attackers run commands as root

Cisco warns of backdoor admin account in Smart Licensing Utility

Cisco has removed a backdoor account in the Cisco Smart Licensing Utility (CSLU) that can be used to log into unpatched systems with administrative privileges.

#bleepingcomputer #EN #2024 #Backdoor #Cisco #Smart-Licensing-Utility

·bleepingcomputer.com·Sep 4, 2024

Cisco warns of backdoor admin account in Smart Licensing Utility

Critical Cisco bug lets hackers add root users on SEG devices

Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments. Tracked as CVE-2024-20401, this arbitrary file write security flaw in the SEG content scanning and message filtering features is caused by an absolute path traversal weakness that allows replacing any file on the underlying operating system.

#bleepingcomputer #EN #2024 #Code #InfoSec #Execution #Path #Gateway #Denial #DoS #Remote #Cisco #RCE #CVE-2024-20401 #SEG

·bleepingcomputer.com·Jul 19, 2024

Critical Cisco bug lets hackers add root users on SEG devices

Cisco warns of NX-OS zero-day exploited to deploy custom malware

Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches.

#bleepingcomputer #EN #2024 #China #Cisco #Command-Injection #Malware #NX-OS #Root #Switch #Velvet-Ant #Zero-Day

·bleepingcomputer.com·Jul 1, 2024

Cisco warns of NX-OS zero-day exploited to deploy custom malware

Cisco discloses new IOS XE zero-day exploited to deploy malware implant

Cisco disclosed a new high-severity zero-day (CVE-2023-20273) today, actively exploited to deploy malicious implants on IOS XE devices compromised using the CVE-2023-20198 zero-day unveiled earlier this week.

#bleepingcomputer #EN #2023 #Cisco #IOS-XE #Zero-Day #CVE-2023-20273

·bleepingcomputer.com·Oct 21, 2023

Cisco discloses new IOS XE zero-day exploited to deploy malware implant

Cisco discloses high-severity IP phone zero-day with exploit code

Cisco has disclosed today a high-severity zero-day vulnerability affecting the latest generation of its IP phones and exposing them to remote code execution and denial of service (DoS) attacks.

#bleepingcomputer #EN #2022 #Cisco #Denial-of-Service #DoS #RCE #Remote-Code-Execution #Zero-Day #CVE-2022-20968

·bleepingcomputer.com·Dec 12, 2022

Cisco discloses high-severity IP phone zero-day with exploit code

Cisco has disclosed today a high-severity zero-day vulnerability affecting the latest generation of its IP phones and exposing them to remote code execution and denial of service (DoS) attacks.

#bleepingcomputer #EN #2022 #Cisco #Denial-of-Service #DoS #RCE #Remote-Code-Execution #Zero-Day #CVE-2022-20968

·bleepingcomputer.com·Dec 12, 2022

Cisco discloses high-severity IP phone zero-day with exploit code