Cisco has dropped another maximum severity advisory detailing an unauthenticated remote code execution (RCE) flaw in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC).
The networking equipment giant warned that the flaw, much similar to a critical bug it fixed last month, stems from insufficient input validation in a public API.
“Cisco’s disclosure of the flaw highlights a troubling pattern in API-exposed infrastructure — insufficient input validation leading to una...
Sophos Intercept X for Windows Vulnerabilities Enable Arbitrary Code Execution
Cybersecurity News
3 hours ago
Three critical vulnerabilities in the Sophos Intercept X for Windows product family could allow local attackers to achieve arbitrary code execution with system-level privileges. Identified as CVE-2024...
