Search results for Cisco firmware update | Breaking Cybersecurity News | The Hacker News

If the connectivity and security of your organization rely on Cisco RV320 or RV325 Dual Gigabit WAN VPN routers, then you need to immediately install the latest firmware update released by the vendor last week. Cyber attackers have actively been exploiting two newly patched high-severity router vulnerabilities in the wild after a security researcher released their proof-of-concept exploit code on the Internet last weekend. The vulnerabilities in question are a command injection flaw (assigned CVE-2019-1652) and an information disclosure flaw (assigned CVE-2019-1653), a combination of which could allow a remote attacker to take full control of an affected Cisco router. The first issue exists in RV320 and RV325 dual gigabit WAN VPN routers running firmware versions 1.4.2.15 through 1.4.2.19, and the second affects firmware versions 1.4.2.15 and 1.4.2.17, according to the Cisco's advisory . Both the vulnerabilities, discovered and responsibly reported to the company by German s...

Security researchers have unveiled details of two critical vulnerabilities in Bluetooth Low Energy (BLE) chips embedded in millions of access points and networking devices used by enterprises around the world. Dubbed BleedingBit , the set of two vulnerabilities could allow remote attackers to execute arbitrary code and take full control of vulnerable devices without authentication, including medical devices such as insulin pumps and pacemakers, as well as point-of-sales and IoT devices. Discovered by researchers at Israeli security firm Armis, the vulnerabilities exist in Bluetooth Low Energy (BLE) Stack chips made by Texas Instruments (TI) that are being used by Cisco, Meraki, and Aruba in their enterprise line of products. Armis is the same security firm that last year discovered BlueBorne , a set of nine zero-day Bluetooth-related flaws in Android, Windows, Linux and iOS that affected billions of devices, including smartphones, laptops, TVs, watches and automobile audi...

Is your router collects data on your network? Netgear last week pushed out a firmware update for its wireless router model NightHawk R7000 with a remote data collection feature that collects router's analytics data and sends it to the company's server. For now, the company has rolled out the firmware update for its NightHawk R7000, but probably other router models would receive the update in upcoming days. The Netgear's alleged router analytics data collects information regarding: Total number of devices connected to the router IP address MAC addresses Serial number Router's running status Types of connections LAN/WAN status Wi-Fi bands and channels Technical details about the use and functioning of the router and the WiFi network. The company said it is collecting the data for routine diagnostic to know how its products are used and how its routers behave. "Technical data about the functioning and use of our routers and their WiFi network ...

Cisco today released thirty security patch advisory to address a total of 32 security vulnerabilities in its products, three of which are rated critical, including the recently disclosed Apache Struts remote code execution vulnerability that is being exploited in the wild. Out of the rest 29 vulnerabilities, fourteen are rated high and 15 medium in severity, addressing security flaws in Cisco Routers, Cisco Webex, Cisco Umbrella, Cisco SD-WAN Solution, Cisco Cloud Services Platform, Cisco Data Center Network, and more products. The three critical security vulnerabilities patched by Cisco address issues in Apache Struts, Cisco Umbrella API, and Cisco RV110W, RV130W and RV215W router's management interface. Apache Struts Remote Code Execution Vulnerability (CVE-2018-11776) The vulnerability, reported late last month by Semmle security researcher Man Yue Mo, resides in the core of Apache Struts and originates due to insufficient validation of user-provided untrusted inputs in...

A Russian state-sponsored cyber espionage group known as Static Tundra has been observed actively exploiting a seven-year-old security flaw in Cisco IOS and Cisco IOS XE software as a means to establish persistent access to target networks. Cisco Talos, which disclosed details of the activity, said the attacks single out organizations in telecommunications, higher education and manufacturing sectors across North America, Asia, Africa and Europe. Prospective victims are chosen based on their "strategic interest" to Russia, it added, with recent efforts directed against Ukraine and its allies following the onset of the Russo-Ukrainian war in 2022. The vulnerability in question is CVE-2018-0171 (CVSS score: 9.8), a critical flaw in the Smart Install feature of Cisco IOS Software and Cisco IOS XE software that could allow an unauthenticated, remote attacker to trigger a denial-of-service (DoS) condition or execute arbitrary code. It's worth noting that the security ...

Cisco on Wednesday rolled out  security updates  to address a critical flaw impacting its IP Phone 6800, 7800, 7900, and 8800 Series products. The vulnerability, tracked as CVE-2023-20078, is rated 9.8 out of 10 on the CVSS scoring system and is described as a command injection bug in the web-based management interface arising due to insufficient validation of user-supplied input. Successful exploitation of the bug could allow an unauthenticated, remote attacker to inject arbitrary commands that are executed with the highest privileges on the underlying operating system. "An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface," Cisco  said  in an alert published on March 1, 2023. Also patched by the company is a high-severity denial-of-service (DoS) vulnerability affecting the same set of devices, as well as the Cisco Unified IP Conference Phone 8831 and Unified IP Phone 7900 Series. CVE-2023-20079 (CVSS...

Cui, a fifth year grad student from the Columbia University Intrusion Detection Systems Lab and co-founder of Red Balloon Security, has demonstrated an attack on common Cisco-branded Voice over IP (VoIP) phones that could easily eavesdrop on private conversations remotely. The vulnerability Cui demonstrated was based on work he did over the last year on what he called ' Project Gunman v2 ', where a laser printer firmware update could be compromised to include additional, and potentially malicious, code. The latest vulnerability is based on a lack of input validation at the syscall interface. Cui said, " allows arbitrary modification of kernel memory from userland, as well as arbitrary code execution within the kernel. This, in turn, allows the attacker to become root, gain control over the DSP , buttons, and LEDs on the phone. " While he did not specify the precise vulnerability, Cui said it allowed him to patch the phone's software with arbitrary pieces of code, and that t...

Microsoft on Tuesday rolled out its first security update for 2026 , addressing 114 security flaws, including one vulnerability that it said has been actively exploited in the wild. Of the 114 flaws, eight are rated Critical, and 106 are rated Important in severity. As many as 58 vulnerabilities have been classified as privilege escalation, followed by 22 information disclosure, 21 remote code execution, and five spoofing flaws. According to data collected by Fortra, the update marks the third-largest January Patch Tuesday after January 2025 and January 2022. These patches are in addition to two security flaws that Microsoft has addressed in its Edge browser since the release of the December 2025 Patch Tuesday update, including a spoofing flaw in its Android app ( CVE-2025-65046 , 3.1) and a case of insufficient policy enforcement in Chromium's WebView tag ( CVE-2026-0628 , CVSS score: 8.8). The vulnerability that has come under in-the-wild exploitation is CVE-2026-20805 (CV...

Welcome to your weekly cybersecurity scoop! Ever thought about how the same AI meant to protect our hospitals could also compromise them? This week, we're breaking down the sophisticated world of AI-driven threats, key updates in regulations, and some urgent vulnerabilities in healthcare tech that need our attention. As we unpack these complex topics, we'll equip you with sharp insights to navigate these turbulent waters. Curious about the solutions? They're smarter and more unexpected than you might think. Let's dive in. ⚡ Threat of the Week Juniper Networks Routers Targeted by J-magic — A new campaign targeted enterprise-grade Juniper Networks routers between mid-2023 and mid-2024 to infect them with a backdoor dubbed J-magic when certain precise conditions. The malware is a variant of a nearly 25-year-old, publicly available backdoor referred to as cd00r, and is designed to establish a reverse shell to an attacker-controlled IP address and port. Semiconductor, energy, manuf...

Cybersecurity researchers have detailed a high severity flaw in KCodes NetUSB component that's integrated into millions of end-user router devices from Netgear, TP-Link, Tenda, EDiMAX, D-Link, and Western Digital, among others. KCodes  NetUSB  is a Linux kernel module that enables devices on a local network to provide USB-based services over IP. Printers, external hard drives, and flash drives plugged into a Linux-based embedded system (e.g., a router) are made available via the network using the driver. CVE-2021-45608  (CVSS score: 9.8), as the security flaw is tracked as, relates to a  buffer overflow vulnerability  that, if successfully exploited, can allow attackers to execute code remotely in the kernel and perform malicious activities of their choice, according to a  report  shared by SentinelOne with The Hacker News. This is the latest in a string of NetUSB vulnerabilities that has been patched in recent years. In May 2015, researchers from...

Cisco has warned of a critical security flaw in SPA112 2-Port Phone Adapters that it said could be exploited by a remote attacker to execute arbitrary code on affected devices. The issue, tracked as  CVE-2023-20126 , is rated 9.8 out of a maximum of 10 on the CVSS scoring system. The company credited Catalpa of DBappSecurity for reporting the shortcoming. The  product in question  makes it possible to connect analog phones and fax machines to a VoIP service provider without requiring an upgrade. "This vulnerability is due to a missing authentication process within the firmware upgrade function," the company  said  in a bulletin. "An attacker could exploit this vulnerability by upgrading an affected device to a crafted version of firmware. A successful exploit could allow the attacker to execute arbitrary code on the affected device with full privileges." Despite the severity of the flaw, the networking equipment maker said it does not intend to release fi...

Intelligence agencies in the U.K. and the U.S. disclosed details of a new botnet malware called  Cyclops Blink  that's been attributed to the Russian-backed Sandworm hacking group and deployed in attacks dating back to 2019. "Cyclops Blink appears to be a replacement framework for the VPNFilter malware exposed in 2018, which exploited network devices, primarily small office/home office (SOHO) routers, and network-attached storage (NAS) devices," the agencies  said . "In common with VPNFilter, Cyclops Blink deployment also appears indiscriminate and widespread." The  joint government advisory  comes from the U.K. National Cyber Security Centre (NCSC), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) in the U.S. Sandworm , aka Voodoo Bear, is the name assigned to a  highly advanced adversary  operating out of Russia that's known to be active since at least ...

Microsoft has released patches to fix 67 security flaws , including one zero-day bug in Web Distributed Authoring and Versioning (WebDAV) that it said has come under active exploitation in the wild. Of the 67 vulnerabilities, 11 are rated Critical and 56 are rated Important in severity. This includes 26 remote code execution flaws, 17 information disclosure flaws, and 14 privilege escalation flaws. The patches are in addition to 13 shortcomings addressed by the company in its Chromium-based Edge browser since the release of last month's Patch Tuesday update . The vulnerability that has been weaponized in real-world attacks concerns a remote code execution in WebDAV ( CVE-2025-33053 , CVSS score: 8.8) that can be triggered by deceiving users into clicking on a specially crafted URL. The tech giant credited Check Point researchers Alexandra Gofman and David Driker for discovering and reporting the bug. It's worth mentioning that CVE-2025-33053 is the first zero-day vulnerab...