Cisco has released security advisories for four products to address multiple vulnerabilities. These products include Cisco Unified IP phones, Cisco Network Registrar, Cisco AnyConnect Secure Mobility Client, and Cisco Media Experience. Exploitation of the vulnerabilities may allow an attacker to execute arbitrary code, operate with escalated privileges, or gain administrative access.
US-CERT encourages users and administrators to review the following Cisco security advisories and apply any necessary updates to help mitigate the risks.
- Multiple Vulnerabilities in Cisco Unified IP Phones 7900 series (cisco-sa-20110601-phone)
- Default Credentials Vulnerability in Cisco Network Registrar (cisco-sa-20110601-cnr)
- Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client (cisco-sa-20110601-ac)
- Default Credentials for root Account on the Cisco Media Experience Engine 5600 (cisco-sa-20110601-mxe)