Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take obtain sensitive information.
The Cyber security and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Advisories and apply the necessary updates:
· Small Business Smart and Managed Switches Denial of Service Vulnerability cisco-sa-sbss-ipv6-dos-3bLk6vA
· DNA Center Information Disclosure Vulnerability cisco-sa-dna-info-disc-3bz8BCgR
· StarOS IPv6 Denial of Service Vulnerability cisco-sa-asr-dos-zJLJFgBf
· Any Connect Secure Mobility Client for Windows DLL Hijacking Vulnerability cisco-sa-anyconnect-dll-F26WwJW
· For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page.
Citrix has released security updates to address a vulnerability in Workspace app for Windows. A remote attacker could exploit this vulnerability to take control of an affected system if Windows Server Message Block (SMB) is enabled.
We recommend users and administrators review Citrix Security Bulletin CTX277662 and apply the necessary updates.
Cisco has released security updates to address a vulnerability in Adaptive Security Appliance(ASA) Software and Firepower Threat Defense (FTD) Software Web Service. A remote attacker could exploit this vulnerability to obtain sensitive information.
We encourage users and administrators to review Cisco Security Advisory cisco-sa-asaftd-ro-path-KJuQhB86 for more information and apply the necessary updates.
Information for industrial control systems owners, operators, and vendors.
Resources for information sharing and collaboration among government agencies.
Information for system administrators and technical users.
