cisco
Critical Cisco bug lets hackers add root users on SEG devices
Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments. Tracked as CVE-2024-20401, this arbitrary file write security flaw in the SEG content scanning and message filtering features is caused by an absolute path traversal weakness […]
VMware, Adobe bugs exploited in active attacks as Cisco warns of critical ‘10.0’ flaw
VMware, SolarWinds and Adobe users are being warned that vulnerabilities found in each of the products are under active attack. On Wednesday, the Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Impacted products include Adobe Commerce (CVE-2024-34102), SolarWinds Serv-U (CVE-2024-28995) and VMware vCenter Server (CVE-2022-22948) CISA’s warning […]
Cisco Patches Zero-Day Bug Used by Chinese Velvet Ant Group
A newly patched zero-day vulnerability was exploited by Chinese state-backed hackers to compromise Cisco Nexus switches, researchers have revealed. Cisco released a patch for CVE-2024-20399 on 2 July, 2024. The flaw is found in the CLI of Cisco NX-OS software and could allow an authenticated local attacker to execute arbitrary commands as root on a […]