CISCO addresses two critical remote code execution flaws in IOS XE operating system

By Pierluigi Paganini


This week Cisco patched three critical vulnerabilities affecting its operating system IOS XE,  two of them are remote code execution flaws that could be exploited by an attacker to gain full control over vulnerable systems.

Cisco March 2018 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication addressed 22 vulnerabilities, 3 of them rated as critical and 19 as high.

Let’s give a close look at the critical vulnerabilities.

The first issue. tracked as CVE-2018-0151, is an IOS and IOS XE Software Quality of Service Remote Code Execution Vulnerability.

“A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software …read more

Via:: Security Affiars