Cisco Releases Security Patches for Critical Flaws Affecting its Products

Nested Applications

Asset Publisher


Cybersecurity researchers have disclosed details about a new malware family that relies on the Common Log File System (CLFS) to hide a second-stage payload in registry transaction files in an attempt to evade detection mechanisms.

Cisco has patched a critical security vulnerability impacting its Enterprise Network Function Virtualization Infrastructure Software (NFVIS) that could be exploited by an attacker to take control of an affected system.

A recent wave of spear-phishing campaigns leveraged weaponized Windows 11 Alpha-themed Word documents with Visual Basic macros to drop malicious payloads, including a JavaScript implant, against a point-of-sale (PoS) service provider located in the U.S.

A day after releasing Patch Tuesday updates, Microsoft acknowledged yet another remote code execution vulnerability in the Windows Print Spooler component, adding that it's working to remediate the issue in an upcoming security update.

Networking equipment major Cisco has rolled out patches to address critical vulnerabilities impacting its Small Business VPN routers that could be abused by a remote attacker to execute arbitrary code and even cause a denial-of-service (DoS) condition.

We are a member of First

We are a member of First






Most Viewed Assets

null Cisco Releases Security Patches for Critical Flaws Affecting its Products

Cisco has addressed a maximum severity vulnerability in its Application Centric Infrastructure (ACI) Multi-Site Orchestrator (MSO) that could allow an unauthenticated, remote attacker to bypass authentication on vulnerable devices.

"An attacker could exploit this vulnerability by sending a crafted request to the affected API," the company said in an advisory published yesterday. "A successful exploit could allow the attacker to receive a token with administrator-level privileges that could be used to authenticate to the API on affected MSO and managed Cisco Application Policy Infrastructure Controller (APIC) devices."

The bug, tracked as CVE-2021-1388, ranks 10 (out of 10) on the CVSS vulnerability scoring system and stems from an improper token validation in an API endpoint of Cisco ACI MSO installed the Application Services Engine. It affects ACI MSO versions running a 3.0 release of the software.
The ACI Multi-Site Orchestrator lets customers monitor and manage application-access networking policies across Cisco APIC-based devices.

Separately, the company also patched multiple flaws in Cisco Application Services Engine (CVE-2021-1393 and CVE-2021-1396, CVSS score 9.8) that could grant a remote attacker to access a privileged service or specific APIs, resulting in capabilities to run containers or invoke host-level operations, and learn "device-specific information, create tech support files in an isolated volume, and make limited configuration changes."

Both the flaws were a result of insufficient access controls for an API running in the Data Network, Cisco noted.

The networking major said the aforementioned three weaknesses were discovered during internal security testing but added it detected no malicious attempts exploiting the vulnerabilities in the wild.
Lastly, Cisco fixed a vulnerability (CVE-2021-1361, CVSS score 9.8) in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches running NX-OS, the company's network operating system used in its Nexus-branded Ethernet switches.

This could allow a bad actor to create, delete, or overwrite arbitrary files with root privileges on the device, the company cautioned, including permitting the attacker to add a user account without the device administrator's knowledge.

Cisco said Nexus 3000 and Nexus 9000 switches running Cisco NX-OS Software Release 9.3(5) or Release 9.3(6) are vulnerable by default.

"This vulnerability exists because TCP port 9075 is incorrectly configured to listen and respond to external connection requests," Cisco outlined in the adversary. "An attacker could exploit this vulnerability by sending crafted TCP packets to an IP address that is configured on a local interface on TCP port 9075."

The patches come weeks after Cisco rectified as many as 44 flaws in its Small Business routers that could potentially allow an unauthenticated, remote attacker to execute arbitrary code as the root user and even cause a denial-of-service condition.

Nested Applications

Contact Us

Free Call[OH]: 933

Phone Number: +251-993939270




P.O.Box: 124498

Asset Publisher


Nested Applications

Asset Publisher



  • Trustworthiness
  • Innovation
  • Scientific
  • Democracy
  • Synergy
  • Saving