Published: June 01, 2023 on our newsletter Security Fraud News & Alerts Newsletter.
Cisco has recently issued a security advisory to advise users to tackle several vulnerabilities that impact the web-based user interface of specific Cisco Small Business Series Switches. These vulnerabilities affect devices running vulnerable firmware versions, including but not limited to:
250 Series Smart Switches
350 Series Managed Switches
350X Series Stackable Managed Switches
550X Series Stackable Managed Switches
Business 250 Series Smart Switches
Business 350 Series Managed Switches
Small Business 200 Series Smart Switches
Small Business 300 Series Managed Switches
Small Business 500 Series Stackable Managed Switches
Exploiting these vulnerabilities could potentially enable a remote attacker to initiate a denial-of-service scenario or execute arbitrary code with root privileges on the affected device.
To mitigate these risks, Cisco, as well as the Cybersecurity and Infrastructure Security Agency (CISA) strongly advises users and administrators to thoroughly review the advisory provided on Cisco’s official webpage. It is crucial to regularly monitor Cisco's website for the appropriate updates and diligently apply them without delay.
It’s understandable that some organizations prefer to test any updates before applying them to a production system. But the longer the delay, the more chances a bad actor has to take advantage of the issues. By promptly implementing these necessary security measures, potential vulnerabilities can be effectively addressed and mitigated.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at advisor@nadicent.com