The high-severity flaw can be exploited remotely, without authentication, in server-side request forgery (SSRF) attacks.
The post Cisco Warns of Available PoC for Critical Unified CM Vulnerability appeared first on SecurityWeek.
Cisco Patches Critical Vulnerability in Secure Workload
Insufficient validation and authentication in the Secure Workload’s REST APIs provide remote attackers with Site Admin privileges.
The post Cisco Patches Critical Vulnerability in Secure Workload appeared first on SecurityWeek.
Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026
The zero-day, tracked as CVE-2026-20182, has been exploited in targeted attacks by a sophisticated threat actor identified as UAT-8616.
The post Cisco Patches Another SD-WAN Zero-Day, the Sixth Exploited in 2026 appeared first on SecurityWeek.
Cisco Patches High-Severity Vulnerabilities in Enterprise Products
Successful exploitation of the flaws could lead to code execution, server-side request forgery attacks, and denial-of-service conditions.
The post Cisco Patches High-Severity Vulnerabilities in Enterprise Products appeared first on SecurityWeek.
Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks
The acquisition strengthens Cisco’s push into identity-centric security for AI and machine access.
The post Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks appeared first on SecurityWeek.
Cisco Releases Open Source Tool for AI Model Provenance
The new kit aims to address risks related to poisoned models, regulatory issues, supply chain integrity, and incident response.
The post Cisco Releases Open Source Tool for AI Model Provenance appeared first on SecurityWeek.
US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor
The malware provides remote access and control of infected devices and maintains post-patching persistence.
The post US Federal Agency’s Cisco Firewall Infected With ‘Firestarter’ Backdoor appeared first on SecurityWeek.
Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities
CISA expanded the KEV catalog with eight flaws, but five of them have been flagged as exploited before.
The post Organizations Warned of Exploited Cisco, Kentico, Zimbra Vulnerabilities appeared first on SecurityWeek.
Cisco Patches Critical Vulnerabilities in Webex, ISE
The flaws can be exploited remotely to impersonate users or execute arbitrary commands on the underlying OS.
The post Cisco Patches Critical Vulnerabilities in Webex, ISE appeared first on SecurityWeek.
Cisco Patches Critical and High-Severity Vulnerabilities
The bugs could lead to authentication bypass, remote code execution, information disclosure, and privilege escalation.
The post Cisco Patches Critical and High-Severity Vulnerabilities appeared first on SecurityWeek.
