A call for urgent patching: Cisco had patched the max severity flaw, CVSS 10 out of 10, in mid-May rollouts for customers with service contracts and through Cisco TAC for customers without service contracts.Researchers recommended promptly upgrading to the latest version of the affected software, as no other workaround is available. “For security teams, the priority is clear: patch immediately,” Ellis noted. “If patching isn’t feasible in the short term, implement compensating controls like restricting access to the affected endpoints, monitoring for suspicious file uploads, and disabling unnecessary services. This is a ‘drop everything and fix it’ kind of bug”, waiting is not an option.”
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4000770/cisco-wireless-lan-controllers-under-threat-again-after-critical-exploit-details-go-public.html
