Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

With these updates, Cisco has addressed multiple high-severity vulnerabilities (CVE-2021-34718, CVE-2021-1529, CVE-2022-20653) in IOS XR Software, Cisco IOS XE SD-WAN Software, Cisco Email Security Appliance. Exploitation of these vulnerabilities could allow an attacker to write and read arbitrary files, execute arbitrary commands with root privileges, cause a denial of service (DoS) condition on an affected system.

Cisco has also released patches for several medium severity vulnerabilities (CVE-2022-20750, CVE-2022-20659) in Cisco StarOS Software, Cisco Prime Infrastructure, Cisco Evolved Programmable Network (EPN) Manager products. Details on all of the addressed vulnerabilities are available on Cisco’s security portal – cisco.com.