Phone : +91 95 8290 7788 | Email : sales@itmonteur.net

Register & Request Quote | Submit Support Ticket

Home » Cyber Security News » Govt’s cyber agency finds multiple bugs in Cisco products, ET CISO

Govt’s cyber agency finds multiple bugs in Cisco products, ET CISO

Govt’s cyber agency finds multiple bugs in Cisco products, ET CISO

<p>The Indian Computer Emergency Response Team (CERT-In) which comes under the Ministry of Electronics & Information Technology, has issued an advisory over three serious vulnerabilities in networking giant Cisco products that could allow hackers to gain access, infiltrate into computer systems and steal data.</p>
The Indian Computer Emergency Response Team (CERT-In) which comes under the Ministry of Electronics & Information Technology, has issued an advisory over three serious vulnerabilities in networking giant Cisco products that could allow hackers to gain access, infiltrate into computer systems and steal data.

The Indian Computer Emergency Response Team (CERT-In) which comes under the Ministry of Electronics & Information Technology, has issued an advisory over three serious vulnerabilities in networking giant Cisco products that could allow hackers to gain access, infiltrate into computer systems and steal data.The vulnerabilities reported in Cisco Adaptive Security Appliance (ASA) software and Cisco Firepower Threat Defense (FTD) software could allow attackers to execute arbitrary commands and code on the underlying operating system with root-level privileges, device to reload unexpectedly, resulting in a denial of service (DoS), CERT-In said in its latest advisory.

The ‘Command Injection Vulnerability’ exists in the reported software due to the contents of a backup file being improperly sanitised at restore time.

“An attacker could exploit this vulnerability by restoring a crafted backup file to an affected device,” the cyber agency said.

Another ‘Denial of Service Vulnerability’ exists due to incomplete error checking when parsing an HTTP header.

Attackers could use this vulnerability by “sending a crafted HTTP request to a targeted web server on a device” and the successful exploitation could allow them to cause a “DoS condition when the device reloads”.

The third, ‘Code Execution Vulnerability’ exists due to improper validation of a file when it is read from system flash memory.

According to the cyber agency, an attacker could exploit this vulnerability by copying a “crafted file to the disk0: file system of an affected device”.

In addition, CERT-In advised people to apply appropriate updates as released by Cisco.

  • Published On Apr 29, 2024 at 10:35 AM IST

Join the community of 2M+ industry professionals

Subscribe to our newsletter to get latest insights & analysis.

Download ETCISO App

  • Get Realtime updates
  • Save your favourite articles


Scan to download App

Information Security - InfoSec - Cyber Security - Firewall Providers Company in India

 

 

 

 

 

 

 

 

 

 

 

 

What is Firewall? A Firewall is a network security device that monitors and filters incoming and outgoing network traffic based on an organization's previously established security policies. At its most basic, a firewall is essentially the barrier that sits between a private internal network and the public Internet.

 

Secure your network at the gateway against threats such as intrusions, Viruses, Spyware, Worms, Trojans, Adware, Keyloggers, Malicious Mobile Code (MMC), and other dangerous applications for total protection in a convenient, affordable subscription-based service. Modern threats like web-based malware attacks, targeted attacks, application-layer attacks, and more have had a significantly negative effect on the threat landscape. In fact, more than 80% of all new malware and intrusion attempts are exploiting weaknesses in applications, as opposed to weaknesses in networking components and services. Stateful firewalls with simple packet filtering capabilities were efficient blocking unwanted applications as most applications met the port-protocol expectations. Administrators could promptly prevent an unsafe application from being accessed by users by blocking the associated ports and protocols.

 

Firewall Firm is an IT Monteur Firewall Company provides Managed Firewall Support, Firewall providers , Firewall Security Service Provider, Network Security Services, Firewall Solutions India , New Delhi - India's capital territory , Mumbai - Bombay , Kolkata - Calcutta , Chennai - Madras , Bangaluru - Bangalore , Bhubaneswar, Ahmedabad, Hyderabad, Pune, Surat, Jaipur, Firewall Service Providers in India

Sales Number : +91 95 8290 7788 | Support Number : +91 94 8585 7788
Sales Email : sales@itmonteur.net | Support Email : support@itmonteur.net

Register & Request Quote | Submit Support Ticket