Rewterz Threat Advisory – Cisco IOS XE Software Privilege Escalation Vulnerabilities
September 25, 2020Rewterz Threat Alert – Emotet – IoCs
September 28, 2020Rewterz Threat Advisory – Cisco IOS XE Software Privilege Escalation Vulnerabilities
September 25, 2020Rewterz Threat Alert – Emotet – IoCs
September 28, 2020Severity
High
Analysis Summary
Cisco IOS Software for Cisco Industrial Routers could allow a remote attacker to obtain sensitive information, caused by a lack of input and validation checking mechanisms for virtual-LPWA (VLPWA) protocol modem messages. By sending a specially crafted request, a remote attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service.
Impact
- Information disclosure
- Denial of service
Affected Vendors
Cisco
Remediation
Refer to vendor advisory for the list of affected products and respective patches.