Nine vulnerabilities – 4 of them critical – have been found in a variety of Cisco Small Business Series Switches. PoC exploit code is available (but not public), and there is no indication that they are being exploited in the wild. About the vulnerabilities The critical vulnerabilties (CVE-2023-20159, CVE-2023-20160, CVE-2023-20161, CVE-2023-20189) can be triggered via the switches’ web-based user interface, and may enable a remote attacker without authentication to run arbitrary code on a vulnerable … More
The post Cisco fixes critical flaws in Small Business Series Switches appeared first on Help Net Security.