Cisco has released updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
- IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Web UI Command Injection Vulnerability cisco-sa-20180711-phone-webui-inject
- StarOS IPv4 Fragmentation Denial-of-Service Vulnerability cisco-sa-20180711-staros-dos