Cisco has released security updates to address vulnerabilities in multiple Cisco products, including but not limited to:

1. Cisco Enterprise Chat & Email (ECE)
2. Cisco Nexus Dashboard Fabric Controller (NDFC) 12.1.2 & 12.1.3
3. Cisco Adaptive Security Appliance (ASA) Software
4. Cisco FTD Software for Firepower 1000, 2100, 3100, 4200 Series
5. Cisco 6800, 7800, 8800, 9800 Series Phones
6. Cisco Identity Services Engine (ISE)
7. Cisco ATA 190 Series

Security Risks

If successfully exploited, the identified vulnerabilities in Cisco products could enable an attacker to take control of an affected system and carry out malicious activities.

For the full list of security patches released by Cisco, please refer to Cisco Security Advisories.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends users and system administrators to:

• Follow and put in place the security updates shared by Cisco to lower the risk of vulnerability exploitation.
• Before updating or patching, please ensure that you have the latest backup that can easily be restored.

For further information and support, please contact the National Cyber Security Authority (NCSA) by email to rwcsirt@ncsa.gov.rw or call us on 9009.

References

• cisco-sa-backhaul-ap-cmdinj-R7E28Ecs
• cisco-sa-ndfc-sqli-CyPPAxrL
• cisco-sa-ece-dos-Oqb9uFEv
• Cisco Security portal