Cisco has released security updates for high-severity security flaws affecting Webex Teams for Windows, its Identity Services Engine, and Video Surveillance 8000 Series IP Cameras.
In this month’s first round of security updates from Cisco, the most serious vulnerability addressed is a remote code-execution (RCE) and denial-of-service (DoS) bug affecting its Video Surveillance 8000 Series IP Cameras.
The flaw, tracked as CVE-2020-3544, has a severity rating of 8.8 out of 10, on par with similar RCE and DoS flaws it disclosed in August affecting the Video Surveillance 8000 Series IP Cameras.
SEE: Security Awareness and Training policy (TechRepublic Premium)
Both sets of vulnerabilities were reported by Qian Chen of Qihoo 360 Nirvan Team and both concern flaws in the Cisco Discovery Protocol, a Layer 2 or data link layer protocol in the Open Systems Interconnection (OSI) networking model.
Similarly, both are due to “missing checks when an IP camera processes