Cisco IOS XE Software Network-Based Application Recognition Denial of Service Vulnerability

🚨 SEVERITY: HIGH — CVSS 8.6 Security Advisory

TL;DR 📌

A high-severity vulnerability has been identified in the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software. This flaw could allow unauthenticated remote attackers to cause affected devices to reload, resulting in a denial of service (DoS) condition. Cisco has released fixed software, but there are no workarounds available.

What happened 🕵️‍♂️

A vulnerability in the NBAR feature of Cisco IOS XE Software results from improper handling of malformed Control and Provisioning of Wireless Access Points (CAPWAP) packets. By sending such packets, an unauthenticated, remote attacker can cause the affected device to unexpectedly reload, leading to a denial of service (DoS).

Cisco IOS XE Software Secure Boot Bypass Vulnerabilities

🚨 SEVERITY: MEDIUM — CVSS 6.7 Security Advisory

TL;DR 📌

Multiple vulnerabilities in Cisco IOS XE Software could allow an authenticated local attacker or an unauthenticated attacker with physical access to execute persistent code at boot time, compromising device security. Cisco has released fixed software, and no workarounds are available.

What happened 🕵️‍♂️

Cisco has identified multiple vulnerabilities in its IOS XE Software that could allow an attacker to bypass secure boot mechanisms. These vulnerabilities stem from improper validation of software packages, enabling an attacker to place a crafted file on an affected device. This could lead to the execution of persistent code on the operating system, effectively breaking the chain of trust.

Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability

🚨 SEVERITY: HIGH — CVSS 7.7 Security Advisory

TL;DR 📌

A vulnerability in the SNMP subsystem of Cisco IOS and IOS XE Software could allow authenticated attackers to cause a denial of service (DoS) or execute arbitrary code. This affects devices with SNMP enabled. Immediate action is required to patch or mitigate this vulnerability.

What happened 🕵️‍♂️

A vulnerability has been identified in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE Software. This vulnerability allows an authenticated remote attacker to cause a denial of service (DoS) condition or execute code as the root user on affected devices. The exploitation requires valid SNMP credentials, either through SNMPv2c read-only community strings or SNMPv3 user credentials. This vulnerability is due to a stack overflow condition in the SNMP subsystem.

Cisco IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability

🚨 SEVERITY: HIGH — CVSS 7.7 Security Advisory

TL;DR 📌

A denial of service (DoS) vulnerability has been identified in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software. An authenticated remote attacker can exploit this vulnerability to cause affected devices to reload unexpectedly. The highest CVSS score for this vulnerability is 7.7, categorized as High severity. Cisco has released software updates to address this issue, but there are no workarounds available.

Cisco IOS XE Software Web UI Reflected Cross-Site Scripting Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 6.1 Security Advisory

TL;DR 📌

A reflected cross-site scripting (XSS) vulnerability has been identified in the web UI of Cisco IOS XE Software. This flaw could allow unauthenticated remote attackers to execute malicious scripts on affected devices. Cisco has released software updates to address this issue, but no workarounds are available.

What happened 🕵️‍♂️

A vulnerability in the web UI of Cisco IOS XE Software has been discovered, allowing unauthenticated remote attackers to conduct reflected cross-site scripting (XSS) attacks. This vulnerability arises from improper sanitization of user-supplied input, enabling attackers to trick users into clicking malicious links. A successful exploit could allow attackers to steal user cookies from affected devices.

Cisco IOS XE Software for Catalyst 9800 Series Wireless Controller for Cloud Unauthenticated Access to Certificate Enrollment Service Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 5.3 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in the Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud. This flaw allows unauthenticated remote attackers to access the public-key infrastructure (PKI) server, potentially enabling unauthorized device enrollment. Workarounds are available, and Cisco has recommended software updates to fully mitigate the risk.

What happened 🕵️‍♂️

A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud could allow an unauthenticated, remote attacker to access the PKI server running on affected devices. This issue arises due to incomplete cleanup after the Day One setup process. An attacker could exploit this vulnerability by sending Simple Certificate Enrollment Protocol (SCEP) requests, potentially allowing them to request a certificate and join an attacker-controlled device to the virtual wireless controller.

Cisco IOS XE SD-WAN Software Packet Filtering Bypass Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 5.3 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in Cisco IOS XE SD-WAN Software that allows unauthenticated remote attackers to bypass Layer 3 and Layer 4 traffic filters. This could lead to unauthorized access to network resources. Users are advised to implement workarounds or upgrade to fixed software versions as soon as possible.

What happened 🕵️‍♂️

A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 traffic filters. This issue arises from improper traffic filtering conditions on affected devices. By sending a crafted packet, an attacker could exploit this vulnerability to inject malicious packets into the network. Proof-of-concept exploit code is available, although there are no known instances of malicious exploitation at this time.

Cisco IOS XR ARP Broadcast Storm Denial of Service Vulnerability

🚨 SEVERITY: HIGH — CVSS 7.4 Security Advisory

TL;DR 📌

A denial of service (DoS) vulnerability has been identified in the ARP implementation of Cisco IOS XR Software. An unauthenticated, adjacent attacker can exploit this vulnerability by sending excessive ARP traffic to the management interface, potentially leading to degraded performance or complete unresponsiveness of the device. Cisco has released software updates to address this issue, but no workarounds are available.

Cisco IOS XR Software Image Verification Bypass Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 6.0 Security Advisory

TL;DR 📌

A medium-severity vulnerability has been identified in Cisco IOS XR Software that allows an authenticated local attacker to bypass image signature verification, potentially leading to the installation of unsigned software. No workarounds are available, and users are advised to update to fixed software versions.

What happened 🕵️‍♂️

A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker with root-system privileges to bypass the software image signature verification. This flaw arises from incomplete validation of files during the installation of an .iso file. An attacker could exploit this by modifying the .iso image and installing it on the device, leading to the activation of unsigned software.

Cisco IOS XR Software Management Interface ACL Bypass Vulnerability

🚨 SEVERITY: MEDIUM — CVSS 5.3 Security Advisory

TL;DR 📌

A medium-severity vulnerability in Cisco IOS XR Software allows unauthenticated remote attackers to bypass access control lists (ACLs) on the management interface for SSH, NetConf, and gRPC features. Users are advised to upgrade to fixed software releases or implement workarounds.

What happened 🕵️‍♂️

A vulnerability was identified in the management interface ACL processing feature of Cisco IOS XR Software. This flaw allows unauthenticated remote attackers to bypass configured ACLs, potentially leading to unauthorized access to management features like SSH, NetConf, and gRPC. The issue arises because management interface ACLs are not enforced on certain Linux-handled features within the Packet I/O infrastructure.
