Cisco Admin Takeover – eSecurity Planet

Control layers are slipping in unexpected places.

From browser exploits and backend access flaws to trusted apps turning malicious and cloud leaks brewing risk, today’s stories highlight how exposure can emerge from unexpected places.

Read past newsletters here.

Here’s what you need to know:

Cisco IMC Vulnerability Enables Remote Admin Takeover

A vulnerability in Cisco’s Integrated Management Controller (IMC) allows remote attackers to seize administrative control of UCS servers without authentication. 

The flaw carries a CVSS of 9.8 and allows attackers to send crafted requests to reset credentials and gain full admin access.

Cisco has released a patch and there are no reports of active exploitation at the time of publication.

Apply the latest patch, isolate management interfaces, enforce MFA via monitored jump hosts, and continuously monitor for suspicious access or credential changes.

Google Confirms Active Chrome Exploit

Google has patched a Chrome vulnerability that is…