Cisco has announced updates and security updates to address Remote Code Execution (RCE) vulnerabilities, Authentication Bypass and Static Default Credentials that affect multiple devices, routers, and firewalls in Cisco at May allow attackers to take full advantage of the device. In addition, Cisco has released security updates to address vulnerabilities and increase privileges in the Cisco Prime License Manager software.
The vulnerabilities that have been updated to resolve the vulnerabilities and improve security. These 5 items have been rated as a CVS rating of 9.8 by 10 points by major vulnerabilities. As follows
The CVE-2020-3330 vulnerability is a Static Default Credential vulnerability affecting Cisco Small Business RV110W Wireless-N VPN Firewall firmware firmware prior to version 188.8.131.52.
The CVE-2020-3323 vulnerability is a Remote Command Execution (RCE) vulnerability affecting Cisco Small Business models RV110W, RV130, RV130W and RV215W.
The CVE-2020-3144 vulnerability is an authentication bypass vulnerability affecting Cisco RV110W, RV130, RV130W and RV215W.
The CVE-2020-3331 vulnerability is an Arbitrary Code Execution vulnerability affecting Cisco series routers, RV110W and RV215W, firmware prior to version 184.108.40.206.
The CVE-2020-3140 vulnerability is a Privilege Escalation vulnerability affecting Cisco Prime License Manager versions earlier than 10.5 (2) SU9 and 11.5 (1) SU6.
Users should rush to update the patch to fix the vulnerability as soon as possible to prevent malicious users from exploiting the vulnerability.
Read More: cisco network firewall