Cisco has released security updates to address vulnerabilities in multiple Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the CERT Coordination Center's Vulnerability Note VU#400865 and the following Cisco Security Advisories and apply the necessary updates:
- Cisco IOS XE Software Web UI Command Injection Vulnerability cisco-sa-20190513-webui
- Cisco Secure Boot Hardware Tampering Vulnerability cisco-sa-20190513-secureboot