Cisco warns of attacks targeting high severity router vulnerability

Cisco warned of attacks actively targeting the CVE-2020-3118 high severity vulnerability found to affect multiple carrier-grade routers that run the company's Cisco IOS XR Software. The IOS XR Network OS is deployed on several Cisco router platforms including NCS 540 & 560, NCS 5500, 8000, and ASR 9000 series routers. The vulnerability impacts third-party white … Continue reading Cisco warns of attacks targeting high severity router vulnerability

Critical SonicWall vulnerability affects 800K firewalls, patch now

A critical stack-based Buffer Overflow vulnerability has been discovered in SonicWall VPNs. When exploited, it allows unauthenticated remote attackers to execute arbitrary code on the impacted devices. Tracked as CVE-2020-5135, the vulnerability impacts multiple versions of SonicOS ran by hundreds of thousands of active VPNs. Craig Young of Tripwire Vulnerability and Exposure Research Team (VERT) … Continue reading Critical SonicWall vulnerability affects 800K firewalls, patch now

Adobe fixes critical security vulnerability in Flash Player

Adobe has released a security update for a critical remote code execution vulnerability in Adobe Flash Player that could be exploited by simply visiting a website. Adobe states that hackers could exploit this vulnerability, tracked as CVE-2020-9746, by inserting malicious strings in HTTP responses when users visit a website. "Exploitation of CVE-2020-9746 requires an attacker … Continue reading Adobe fixes critical security vulnerability in Flash Player

Microsoft clarifies patch confusion for Windows Zerologon flaw

Microsoft clarified the steps customers should take to make sure that their devices are protected against ongoing attacks using Windows Server Zerologon (CVE-2020-1472) exploits. The company revised the advisory after customers found Microsoft's original guidance confusing and were unsure if applying the patch was enough to protect vulnerable Windows Server devices from attacks. In a … Continue reading Microsoft clarifies patch confusion for Windows Zerologon flaw

Cisco fixes 34 High-Severity flaws in IOS and IOS XE software

Cisco patched 34 high-severity flaws affecting its IOS and IOS XE software, some of them can be exploited by a remote unauthenticated attacker. Cisco on Thursday released security patches for 34 high-severity vulnerabilities affecting its IOS and IOS XE software. The IT giant issued 25 advisories as part of the September 2020 semiannual IOS and … Continue reading Cisco fixes 34 High-Severity flaws in IOS and IOS XE software