2 matches found
CVE-2022-20665
CVE-2022-20665 is a Cisco StarOS command-injection vulnerability in the CLI. It arises from insufficient input validation of CLI commands, enabling an authenticated, local attacker with administrative credentials to execute arbitrary code with root privileges on an affected device. Exploitation w...
Critical Patches Issued for Cisco Expressway Series, TelePresence VCS Products
Cisco this week shipped patches to address a new round of critical security vulnerabilities affecting Expressway Series and Cisco TelePresence Video Communication Server VCS that could be exploited by an attacker to gain elevated privileges and execute arbitrary code. The two flaws – tracked as...