Cisco IOS Bugs Allow Unauthenticated, Remote DoS Attacks

Published: 23/11/2024   Category: security




Several Cisco products, including IOS, IOS XE, and AP software, need patching against various high-risk security vulnerabilities.



Cisco has released security updates for its flagship IOS and IOS XE operating system software for networking gear, as well as patches for its Access Point software.
The company's security update for Cisco IOS mitigates a total of 14 vulnerabilities, 10 of which are denial-of-service (DoS) bugs that can cause system crashes, unexpected reloads, and heap overflow. The most severe of the high-risk DoS bugs all allow exploitation by unauthenticated, remote attackers.
The other bugs allow privilege escalation, command injection, and access control list bypass.
Cisco's Access Point Software updates are for a secure boot bypass vulnerability (CVE-2024-20265), as well as another denial-of-service vulnerability (CVE-2024-20271). The former is "a vulnerability in the boot process [that] could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot functionality and load a software image that has been tampered with on an affected device," according to the advisory.
CISA issued a follow-up alert encouraging administrators to update their systems as soon as possible.
