Cisco Patches Critical Vulnerabilities in Expressway

85
Cisco Patches Critical Vulnerabilities in Expressway-01

Cisco has announced patches dealing with a few vulnerabilities in its Expressway Series and TelePresence Video Communication Server (VCS) integrated communications products.

Followed as CVE-2022-20754 and CVE-2022-20755 and installs 9.0 CVSS points, two security holes can be exploited by a remote attacker, authorized to write files or extract code to the underlying operating system with root privileges.

Although not dependent on each other, both errors require the attacker to have read / write rights in the compromised application.

Read More: https://www.securityweek.com/cisco-patches-critical-vulnerabilities-expressway-telepresence-vcs-products