Cisco has released security updates and workarounds to address multiple vulnerabilities in Cisco products.

Cisco has updated security advisory for critical remote code execution vulnerability (CVE-2022-22965) in the Spring Framework affecting Cisco products to update the list of impacted products and fixed releases.

Cisco has also updated security advisories to address high severity and medium severity vulnerabilities (CVE-2022-20742, CVE-2022-20715, CVE-2022-20759, CVE-2022-20737, CVE-2022-20760, CVE-2022-20774, CVE-2022-20821) in Cisco Adaptive Security Appliance software, Firepower Threat Defense software, Cisco IP Phone 6800, 7800, and 8800 Series and Cisco IOS XR Software. An attacker could exploit the flaws to read or modify data, elevate privileges and cause a denial of service (DoS) condition on an affected device.

Details on all of the addressed vulnerabilities are available on Cisco’s security portal - cisco.com.