Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

Cisco has released security update for its Wireless LAN Controller (WLC) Software to address a critical vulnerability (CVE-2022-20695) that could allow an attacker to bypass authentication. The company has also updated security advisories for critical remote code execution vulnerabilities (CVE-2022-22963, CVE-2022-22965) in Spring Framework and Spring Cloud Function Framework to update the list of products under investigation, as well as the list of impacted products.

Cisco has also released patches for several high and medium severity vulnerabilities in its multiple products.

Details on all of the addressed vulnerabilities are available on Cisco’s security portal – cisco.com.