Your workstation and servers aren’t the only operating systems (OSes) that require patching. Firewalls, routers, and switches run OSes of their own and also require updates.
On June 3rd, Cisco released their semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. In this publication, Cisco identified 20 vulnerabilities with a Security Impact Rating (SIR) of “high” and three with an SIR of “critical.” The advisory lists Cisco security risks that have CVSS scores ranging from 6.7 to 9.8 and includes denial-of-service (DoS), command injection, privilege escalation, and remote code execution (RCE) attacks.
Patching systems helps prevent attackers from exploiting any vulnerabilities in your environment, a risk that could have a significant impact on your organization. In the case of this security advisory, Cisco provides no workarounds other than patching your system to address associated vulnerabilities. While Cisco states that many of these vulnerabilities have not yet been exploited, it will not be long before attackers specifically check for systems that have not had the relevant patches applied.
As a singular occurrence, tackling these vulnerabilities with a patch will address the security flaw. However, maintaining an inventory of hardware and installed software and developing a routine process to track relevant vendor-provided guidance will work to mitigate future threats that exploit unpatched systems. By actively monitoring for vulnerability alerts that affect the inventoried systems in your environment, your organization can maintain an ongoing process to apply security-related patches in a timely manner.
Have any questions regarding these latest Cisco security risks and how to patch the firmware? Please contact our security experts at any time.