Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

Cisco has released security advisories for critical remote code execution vulnerabilities (CVE-2022-22963, CVE-2022-22965) in Spring Framework and Spring Cloud Function Framework that affect Cisco products.

Cisco has also released patches for several medium severity vulnerabilities (CVE-2022-20781, CVE-2022-20763, CVE-2022-20774, CVE-2022-20784, CVE-2022-20741, CVE-2022-20782, CVE-2022-20675) in Cisco Web Security Appliance, Cisco Webex Meetings, Cisco IP Phone 6800, 7800, and 8800 Series, Cisco Secure Network Analytics, Cisco Identity Services Engine (ISE), Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager products.

Details on all of the addressed vulnerabilities are available on Cisco’s security portal – cisco.com.