Original
release date: January 14, 2021
Cisco has released security updates to address vulnerabilities in Cisco
products. A remote attacker could exploit some of these vulnerabilities to take
control of an affected system. For updates addressing lower severity
vulnerabilities see the Cisco
Security Advisories page.
CISA encourages users and administrators to review the following Cisco
Advisories and apply the necessary updates:
- AnyConnect Secure Mobility Client for Windows DLL Injection
Vulnerability cisco-sa-anyconnect-dll-injec-pQnryXLf
- Connected Mobile Experiences Privilege Escalation
Vulnerability cisco-sa-cmxpe-75Asy9k
- Small Business RV110W, RV130, RV130W, and RV215W
Routers Management Interface Command Injection Vulnerabilities cisco-sa-rv-command-inject-LBdQ2KRN
- Small Business RV110W, RV130, RV130W, and RV215W
Routers Management Interface Remote Command Execution and Denial of
Service Vulnerabilities cisco-sa-rv-overflow-WUnUgv4U