Your one-stop web resource providing safety and security information to manufacturers

Cisco issued warnings about multiple security vulnerabilities in its next-generation VPN client an attacker can exploit to inject and execute malicious code and a denial of service (DoS) hole in a series of security appliances.

In one warning, there are multiple security vulnerabilities in Cisco’s next-generation VPN client. Affected products include the AnyConnect Secure Mobility Client, along with Cisco Secure Desktop HostScan for Windows, Mac OS X and Linux. Click here for details on these, including which versions are vulnerable, workarounds and patch information.

Networking Fixes from Cisco, Wireshark
USB Malware Heart of Investigation
Flame and SCADA Security
Finding, Stopping a Bot

In a separate advisory, Cisco said it addressed a DoS vulnerability in its ASA 5500 Series Adaptive Security Appliances (ASA) and Catalyst 6500 Series ASA Services Module (ASASM) that could have allowed a remote, unauthenticated attacker to trigger a restart on an affected device.

Additionally, the company closed a hole in its Cisco Application Control Engine (ACE) software: When running in multicontext mode, users could inadvertently log into an unintended context as the administrator, allowing them to view and change configurations.

Cyber Security

Pin It on Pinterest

Share This