Cisco has disclosed 13 big security vulnerabilities in its most recent software security advisory for Cisco IOS and Cisco IOS XE.
The networking giant is recommending that all admins review which
versions of Cisco IOS and IOS XE their devices are running to make sure that
they have been updated to versions that address the 13 separate flaws it
discovered.
Running an outdated version could
mean their devices are exposed to some of these vulnerabilities, said Cisco.
According
to Cisco, these vulnerabilities could result in malicious parties gaining
access to these devices, which in turn could let them run several forms of
attacks – including command-injection or DDoS attacks.
The 13
high-severity vulnerabilities disclosed by Cisco could give an attacker
unauthorized access to an affected device, allow them to run a
command-injection attack, or deplete a device’s resources which would lead to a
denial of service.
CVE-2019-12648 is the most threatening of these vulnerabilities, and
affects network operators that use the 800 and 1000 series routers.
