Cisco, Juniper Networks address vulnerabilities

Cisco and Juniper Networks have recently issued updates addressing security vulnerabilities impacting their respective products, according to The Hacker News. Several bugs impacting the Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform have been fixed, the most severe of which was an authentication bypass flaw, tracked as CVE-2023-20238, which could be leveraged to enable toll fraud or privileged command execution. Moreover, patches have also been provided for a high-severity flaw in the Cisco Identity Services Engine, tracked as CVE-2023-20243, and a medium-severity bug in Adaptive Security Appliance Software and Firepower Threat Defense Software, tracked as CVE-2023-20269, with fixes for the latter coming days after Cisco ASA SSL VPN devices were reported to have been targeted for Akira and LockBit ransomware deployment. On the other hand, Juniper Networks has patched a severe improper input validation bug affecting its Junos OS and Junos OS Evolved's Routing Protocol Daemon through an out-of-band update. Meanwhile, Tenda's N300 Wireless N VDSL2 Modem Router was reported by the CERT Coordination Center to be impacted by an authentication bypass flaw, tracked as CVE-2023-4498, which remains unpatched.