Rewterz Threat Advisory – CVE-2019-1901 – Cisco Nexus 9000 Series Buffer Overflow Vulnerability

Rewterz Threat Alert – QNAPCrypt Ransomware Campaigns

September 27, 2019

Rewterz Threat Advisory – CVE-2019-1955 – Cisco Email Security Appliance Header Injection Vulnerability

September 27, 2019

Rewterz Threat Advisory – CVE-2019-1901 – Cisco Nexus 9000 Series Buffer Overflow Vulnerability

Severity

High

Analysis Summary

The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to the targeted device. A successful exploit may lead to a buffer overflow condition that could either cause a DoS condition or allow the attacker to execute arbitrary code with root privileges.

Impact

DoS
Privilege access

Affected Vendors

Cisco

Remediation

Please see vendor’s advisory for the list of affected products and more details

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190731-nxos-bo

Rewterz Threat Alert – QNAPCrypt Ransomware Campaigns

Rewterz Threat Advisory – CVE-2019-1955 – Cisco Email Security Appliance Header Injection Vulnerability

Rewterz Threat Advisory – CVE-2019-1901 – Cisco Nexus 9000 Series Buffer Overflow Vulnerability

Severity

Analysis Summary

Impact

Affected Vendors

Remediation

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan