Report incident

Security Alerts

Vulnerability Alert - Cisco Small Business 220 Series Smart Switches firmware

type Vulnerabilities
Systems AffectedCisco Small Business 220 Series Smart Switches firmware < 1.1.4.4
System Other

Description

Multiple vulnerabilities in the web management interface of Cisco Small Business 220 Series Smart Switches could allow:
- remote unauthenticated attacker to execute of arbitrary code with root privileges;
- remote unauthenticated attacker to upload arbitrary files;

impact

Remote code execution
Upload upload arbitrary files

Resolution

Update firmware to version 1.1.4.4 or higher

References

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190806-sb220-auth_bypass
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190806-sb220-rce