Cisco fixed two high severity vulnerabilities in two products this week that could have let an attacker trigger a denial of service condition or bypass local authentication.

Researchers Tavis Ormandy and Cris Neckar privately disclosed a critical vulnerability in Cisco’s WebEx extension for Chrome and Firefox that allows for remote code execution.

Cisco patched nine publicly disclosed remote code execution vulnerabilities in the SNMP subsystem running in its IOS and IOS XE software.

Cisco patched two critical flaws in its Prime Data Center Network Manager, including one that could be exploited remotely and allow an attacker root access.

Cisco warns of 16 flaws in its latest security bulletin, mostly impacting its Cisco AsyncOS software used in its Email Security Appliances.

Cisco rolls out a bevy of patches tied to vulnerabilities found in its cloud services platform, IOS software and Prime Home products.

Cisco today began the process of patching a zero-day vulnerability in its Adaptive Security Appliance (ASA) software exposed in the ShadowBrokers data dump. Users on affected versions of ASA, 7.2, and 8.0 through 8.7, are urged to migrate soon to 9.1.7(9) or later. Newer versions that are also implicated—9.1 through 9.6—are expected to be updated...

Exploits against enterprise-grade Cisco firewalls dumped by the ShadowBrokers have quickly—and apparently without a lot of strenuous effort—been upgraded to attack more current versions of ASA. Researchers at Silent Signal in Hungary yesterday tweeted they had ported the EXTRABACON attack to ASA version 9.2(4), which was released a year ago. We successfully ported EXTRABACON to...

Juniper Networks on Friday acknowledged that exploits contained in the ShadowBrokers data dump do indeed target its products. “As part of our analysis of these files, we identified an attack against NetScreen devices running ScreenOS,” said Derrick Scholl, director of security incident response at Juniper. “We are examining the extent of the attack, but initial analysis...

Cisco has quickly patched two vulnerabilities that were disclosed in the ShadowBrokers’ data dump. The networking giant today released advisories that it had fixed the flaws in its Adaptive Security Appliance (ASA), one of which was rated high severity; both of the vulnerabilities enable remote code execution. The ShadowBrokers are an unknown group of hackers...