Note to readers

This publication does not currently meet the Government of Canada's Web Standards. The information remains valid.

Cisco Releases security update

Number: AV16-100
Date: 16 June 2016

Purpose

The purpose of this advisory is to bring attention to a Cisco security advisory.

Assessment

Cisco released multiple security updates to address a critical vulnerability VulnerabilityA flaw or weakness in the design or implementation of an information system or its environment that could be exploited to adversely affect an organization's assets or operations. in the web interface InterfaceA boundary across which two systems communicate. An interface might be a hardware connector used to link to other devices, or it might be a convention used to allow communication between two software systems. of the Cisco RV110W Wireless-N VPN VPNSee virtual private network. Firewall FirewallA security barrier placed between two networks that controls the amount and kinds of traffic that may pass between the two. This protects local system resources from being accessed from the outside. , Cisco RV130W Wireless-N Multifunction VPN Router, and the Cisco RV215W Wireless-N VPN Router. This vulnerability could allow an authenticated, remote attacker to execute arbitrary code as root on a targeted system.

CVE Reference: CVE-2016-1395

Suggested Action

CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.

References:

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160615-rv

Date modified: