Cisco issued 31 security advisories and alerts over the past few days affecting, among other products, routers, operating systems, and LAN software. The vendor classified two as critical-impact vulnerabilities, six as high-impact, and 22 as medium.
These new security alerts come about a month after Cisco issued patches for dozens of other software bugs.
One of the critical flaws has been exploited in the wild. It’s part of a domain name system (DNS) hijacking campaign dubbed “Sea Turtle” that Cisco Talos researchers disclosed earlier this week. It affects the Cisco Cluster Management Protocol processing code in Cisco IOS and Cisco IOS XE software and could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.
The threat researchers say a nation state is behind this cyber campaign, and the attackers exploited this vulnerability to attack public and private organizations in the Middle East and North Africa. Cisco released a patch for this flaw and said there are no workarounds.
The other critical vulnerability affects Cisco ASR 9000 Series Aggregation Services Routers that are running Cisco IOS XR 64-bit software. This flaw could allow a remote attacker to access internal applications running on the system administrator virtual machine and, if exploited, could result in a denial of service and remote unauthenticated access to the device.
Cisco issued software updates that fix this and detailed workarounds in the security alert. The vendor said it’s not aware of any malicious use of this vulnerability.
The high-impact security alerts involve wireless LAN controller software, IOS and IOS XE software, TelePresence Video Communication Server software, and Aironet access points.