Cisco Security Updates
3 minute read
Executive Summary
Cisco has released has released security updates that address multiple products, the most important of which being security updates for enterprise NFV infrastructure software. Internet browsers, Google Chrome and Mozilla Firefox, have released important security updates. Finally, we offer a brief introduction on encryption.
Cisco
Cisco has released ~20 security updates for various products since our last briefing. All Cisco users should review the Cisco Security Advisories page below to ensure that necessary updates for respective products have been applied.
https://tools.cisco.com/security/center/publicationListing.x
Furthermore, multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak system data from the host to the VM. This vulnerability is due to improper input validation. An attacker could exploit this vulnerability by persuading an administrator on the host machine to install a VM image with crafted metadata that will execute commands with root-level privileges during the VM registration process. A successful exploit could allow the attacker to inject commands with root-level privileges into the NFVIS host. There are no workarounds to this vulnerability and the following security update should be executed immediately. Cisco has released free software updates that address the vulnerabilities described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-NFVIS-MUL-7DySRX9
Mozilla
Users of Firefox should be aware of two vulnerabilities that attackers are using to gain access to compromised systems. Any Mozilla user should update their internet browser immediately.
https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-17/
Chrome Chrome 101.0.4951.41 has been released for Windows,Mac and Linux. AIS recommends users navigate to the Google Play store to ensure updates have been applied.
https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html
Encryption in Three Minutes
https://www.youtube.com/watch?v=P1sKPEaHWUc
Recommendations
AIS treats all security issues as critical and recommends deployment of NMS, SIEM, Endpoint Management, and BDR for vulnerability detection and exploitation mitigation.
Cisco has released has released security updates that address multiple products, the most important of which being security updates for enterprise NFV infrastructure software. Internet browsers, Google Chrome and Mozilla Firefox, have released important security updates. Finally, we offer a brief introduction on encryption.
Cisco
Cisco has released ~20 security updates for various products since our last briefing. All Cisco users should review the Cisco Security Advisories page below to ensure that necessary updates for respective products have been applied.
https://tools.cisco.com/security/center/publicationListing.x
Furthermore, multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an attacker to escape from the guest virtual machine (VM) to the host machine, inject commands that execute at the root level, or leak system data from the host to the VM. This vulnerability is due to improper input validation. An attacker could exploit this vulnerability by persuading an administrator on the host machine to install a VM image with crafted metadata that will execute commands with root-level privileges during the VM registration process. A successful exploit could allow the attacker to inject commands with root-level privileges into the NFVIS host. There are no workarounds to this vulnerability and the following security update should be executed immediately. Cisco has released free software updates that address the vulnerabilities described in this advisory. Customers with service contracts that entitle them to regular software updates should obtain security fixes through their usual update channels.
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-NFVIS-MUL-7DySRX9
Mozilla
Users of Firefox should be aware of two vulnerabilities that attackers are using to gain access to compromised systems. Any Mozilla user should update their internet browser immediately.
https://www.mozilla.org/en-US/security/advisories/mfsa2022-16/
https://www.mozilla.org/en-US/security/advisories/mfsa2022-17/
Chrome Chrome 101.0.4951.41 has been released for Windows,Mac and Linux. AIS recommends users navigate to the Google Play store to ensure updates have been applied.
https://chromereleases.googleblog.com/2022/04/stable-channel-update-for-desktop_26.html
Encryption in Three Minutes
https://www.youtube.com/watch?v=P1sKPEaHWUc
Recommendations
AIS treats all security issues as critical and recommends deployment of NMS, SIEM, Endpoint Management, and BDR for vulnerability detection and exploitation mitigation.
- Continuous scanning
- Patch management
- Update Log4j within 3rd party products to the latest version
- Ensure critical software patches in Windows and other software are applied to reduce lateral movement risk from a compromised system Related Solution - AIS Endpoint Management with 3rd party software patching capability
- Threat hunting
- Increase odds of detecting compromised systems before data exfiltration or ransomware deployment with automated review of anomalous activity Related Solution – AIS Managed SIEM
- Proactive ransomware protection
- Reduce ransomware attack consequences with an air-gapped backup system not accessible to threat actors
- Related Solution – AIS Managed Backup and Disaster Recovery
Please reach out to your primary AIS contact person with any questions regarding this vulnerability or solutions for detection and mitigation.
Last modified
May 9, 2022