Cisco has released security updates and workarounds to address vulnerabilities in multiple Cisco products. 

Cisco has released security updates to address high severity vulnerability (CVE-2022-20759) in Adaptive Security Appliance Software and Firepower Threat Defense Software. A malicious actor could exploit this vulnerability to elevate privileges.

Cisco has also addressed medium severity vulnerabilities (CVE-2022-20806, CVE-2022-20807, CVE-2022-20809, CVE-2022-20821, CVE-2022-20797, CVE-2022-20802, CVE-2022-20666, CVE-2022-20667, CVE-2022-20668, CVE-2022-20669, CVE-2022-20670, CVE-2022-20671, CVE-2022-20672, CVE-2022-20673, CVE-2022-20674, CVE-2022-20765) in Cisco Expressway Series and Cisco TelePresence VCS, Cisco IOS XR, Cisco Secure Network Analytics, Cisco Enterprise Chat and Email (ECE), Cisco Common Services Platform Collector (CSPC), Cisco UCS Director products. An attacker could exploit these vulnerabilities to write arbitrary files, disclose sensitive information, execute arbitrary commands, conduct a cross-site scripting (XSS) attack on an affected system.

Details on all of the addressed vulnerabilities are available on Cisco’s security portal - cisco.com.