Last updated on December 12th, 2022 at 02:27 pm

Network solutions provider Cisco has released updates to address high-severity security vulnerabilities that could allow threat actors to take control of affected systems and carry out denial-of-service attacks (DoS).

The details of these security vulnerabilities are as follows:

The vulnerability, tracked by code CVE-2022-20783 and due to lack of authentication, affects Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software.
The vulnerability tracked by code CVE-2022-20773 and found in Cisco Umbrella Virtual Appliance (VA) relates to a static SSH host switch that allows threat actors to perform potential Man-In-The-Middle (MitM) attacks.
The vulnerability, tracked by code CVE-2022-20732, could allow threat actors to view and modify database content to elevate their privileges on the affected device.

Cisco has also fixed many medium-severity vulnerabilities affecting other products in its product line, including Webex Meeting, Unified Communications Products, Umbrella Secure Web Gateway, and IOS XR Software. In this context, it is recommended to immediately upgrade the vulnerable versions to the published updates in order not to be the target of attacks that can be carried out using vulnerabilities.

cisco cisco network CVE-2022-20732 CVE-2022-20773 CVE-2022-20783 denial of service DOS

Three Critical Vulnerabilities Detected Affecting Cisco Products

Perspective of the Month | APT Groups

BellaCiao: The New Malware From Iran’s Charming Kitten

Security News Digest | Security Newsletter | April 27, 2023

Cyber Security Trends in 2023: What You Need to Know

We know what hackers know about you

Solutions

Use Case

Partners

Company