/>
X
Business

Cisco releases 'critical' updates

Networking giant Cisco has published a raft of security advisories as part of its biannual patch-release schedule.
tom-espiner.jpg
Written by Tom Espiner, Contributor on

Networking giant Cisco has published a raft of security advisories as part of its biannual patch-release schedule.

(Credit: Suzanne Tindal/ZDNet.com.au)

Eleven of the advisories published this week cover vulnerabilities in Cisco's Internetwork Operating System (IOS), the software used on all Cisco switches and most Cisco routers.

The Cisco IOS vulnerabilities addressed include protocol flaws which cause system crashes and hangs, or leave systems open to denial-of-service attacks.

The remaining advisory addresses flaws in Cisco Unified Communications Manager that could leave systems open to denial-of-service attacks.

Details of the advisories and links to patches can be found on Cisco's security advisories web page.

Security company Secunia rated the threats 'moderately critical', as sensitive information could be exposed via some vulnerabilities that could allow remote access to a system.

Security company Symantec placed its 'ThreatCon' at level 2, or 'elevated', as a result of one the vulnerabilities affecting Cisco uBR10012 series devices.

When configured for linecard redundancy, Cisco uBR10012 series devices use an SNMP community string of 'private' and allow read/write access, warned Symantec, adding that remote attackers could exploit this vulnerability to gain complete control of affected routers.

In March, Cisco patched a number of vulnerabilities in products at risk from denial-of-service attacks.

Editorial standards

Related

Slow internet at home? This adapter is the key to faster wired connectivity
replace-this-image.jpg

Slow internet at home? This adapter is the key to faster wired connectivity

Meta's AI guru LeCun: Most of today's AI approaches will never lead to true intelligence
yann-lecun-crop-for-twitter-sept-2022

Meta's AI guru LeCun: Most of today's AI approaches will never lead to true intelligence

Programming languages: It's time to stop using C and C++ for new projects, says Microsoft Azure CTO
software-developer-programming-computer-language-jobs.jpg

Programming languages: It's time to stop using C and C++ for new projects, says Microsoft Azure CTO