2 matches found
Cisco Smart Switches Riddled with Security Holes
Cisco has flagged and patched several high-severity security vulnerabilities in its Cisco Small Business 220 Series Smart Switches that could allow session hijacking, arbitrary code execution, cross-site scripting and HTML injection. It also issued fixes for high-severity problems in the AnyConne...
CVE-2021-1567
CVE-2021-1567 describes a local, authenticated race-condition DLL hijack in Cisco AnyConnect Secure Mobility Client for Windows when the VPN Posture (HostScan) Module is installed. The vulnerability stems from the DLL loading/signature verification path during IPC-driven file copies, allowing an ...