Cisco Releases Security Updates

These vulnerabilities affect devices running IOS and IOS XE software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

The vulnerabilities are listed below and more details can be found here

  1. Cisco IOS XE Software Web UI REST API Authentication Bypass Vulnerability
  2. Cisco IOS XE Software Web UI Privilege Escalation Vulnerability
  3. Cisco IOS and IOS XE Software DHCP Remote Code Execution Vulnerability
  4. Cisco Mobility Express 1800 Access Point Series Authentication Bypass Vulnerability
  5. Cisco IOS Software for Cisco Catalyst 6800 Series Switches VPLS Denial of Service Vulnerability
  6. Cisco IOS Software for Cisco Integrated Services Routers Generation 2 Denial of Service Vulnerability
  7. Cisco IOS Software for Cisco Industrial Ethernet Switches PROFINET Denial of Service Vulnerability
  8. Cisco IOS and IOS XE Software Plug-and-Play PKI API Certificate Validation Vulnerability
  9. Cisco IOS XE Software for Cisco 5760 WLC, Cisco Catalyst 4500E Supervisor Engine 8-E, and Cisco NGWC 3850 GUI Privilege Escalation Vulnerability
  10. Cisco IOS Software Network Address Translation Denial of Service Vulnerability
  11. Cisco IOS XE Software Locator/ID Separation Protocol Authentication Bypass Vulnerability
  12. Cisco IOS XE Wireless Controller Manager Denial of Service Vulnerability
  13. Cisco IOS and IOS XE Software Internet Key Exchange Denial of Service Vulnerability
  14. Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerabilities
  15. Cisco IOS XE Software for Cisco ASR 1000 Series and cBR-8 Routers Line Card Console Access Vulnerability

All system administrators are advised to apply the necessary updates.