Security Alert (A18-03-07): Multiple Vulnerabilities in Cisco Products (March 2018)
29 March 2018
Cisco has released 20 security advisories fixing a number of vulnerabilities in Cisco IOS and IOS XE software, of which 3 advisories are rated as critical and 17 advisories are rated as high. An unauthorized remote attacker could log in to a vulnerable device using an undocumented administrative account with a default credential. Besides, the vulnerabilities could also be exploited through sending specially crafted packets to affected devices.
All Cisco products running all releases of Cisco IOS and IOS XE Software
Depending on the vulnerability exploited, a successful attack could lead to arbitrary code execution, system reload, denial of service (DoS), privilege escalation, or take control of an affected device.
Patches for affected systems are now available. Users of affected systems should follow the recommendations provided by the product vendor and take immediate actions to mitigate the risk. For detailed information of the available patches, please refer to the section "Fixed Software" of corresponding security advisory at vendor's website.
Users should contact their product support vendors for the fixes and assistance.