Cisco has disclosed 13 big security vulnerabilities in its most recent software security advisory for Cisco IOS and Cisco IOS XE.
The networking giant is recommending that all admins review which versions of Cisco IOS and IOS XE their devices are running to make sure that they have been updated to versions that address the 13 separate flaws it discovered.
Running an outdated version could mean their devices are exposed to some of these vulnerabilities, said Cisco.
According to Cisco, these vulnerabilities could result in malicious parties gaining access to these devices, which in turn could let them run several forms of attacks – including command-injection or DDoS attacks.
The 13 high-severity vulnerabilities disclosed by Cisco could give an attacker unauthorized access to an affected device, allow them to run a command-injection attack, or deplete a device’s resources which would lead to a denial of service.
- Cisco fined for selling software with security flaws
- Cisco backs US GDPR calls
- Major security issues found in Cisco routers
CVE-2019-12648 is the most threatening of these vulnerabilities, and affects network operators that use the 800 and 1000 series routers.