7th December 2021

Rooting Security Vulnerability Discovered in CISCO – CVE-2021-40119

A critical security vulnerability with a CVSS 3.1 Score of 9.8 has been released by Microsoft that will cause remote code execution in Windows TCP/IP. Although there is no exploit detection for the published vulnerabilities, it is thought that attackers can produce exploit codes by examining and working on this fix, since it has released a security vulnerability and a patch.

CISCO
CISCO

 

Affected Systems

The vulnerabilities shared by CISCO are Catalyst PON Switch CGP-ONT-1P, Catalyst PON Switch CGP-ONT-4P, Catalyst PON Switch CGP-ONT-4PV, Catalyst PON Switch CGP-ONT-4PVC and Catalyst PON Switch CGP-ONT-4TVCW affecting your devices.

Solution and CVE/CWE

The critical weakness in question can be fixed by applying the update on the CISCO website.

CVE/CWE: CVE-2021-40113, CVE-2021-40112, CVE-2021-40119

Note: A CVSS score of 3.1 (out of 10) of 7.0-8.9 is considered “high”, and 9.0-10.0 is considered a “critical” vulnerability.

Reference:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catpon-multivulns-CE3DSYGr
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cps-static-key-JmS92hNv

 

LEARN MORE  US voters data sold on Dark Web

Leave a Reply

Your email address will not be published. Required fields are marked *