Cisco warns over 25 high-impact flaws in its IOS and IOS XE software
Cisco is urging customers to install patches for 25 high severity flaws existing in its previous version of IOS and ISO XE networking gear software. In total, Cisco disclosed and patched 34 flaws, 25 of which were classified as critical. The announcement is part of Cisco’s semi-annual effort to fix vulnerabilities in the Cisco routers and network switches. The router technology is very popular and therefore can become an easy target for hackers if left un-updated.
The statement contains information about two advisories with a severity score of 8.8, the highest risk represented in this update. One notable flaw allows for a threat actor to potentially bypass authorization in the Cisco IOS XE software within the web user interface. This could potentially allow a remote attacker to access portions of the user interface so long as they obtain valid credentials by some means.