CERT-In identifies multiple high-severity vulnerabilities in Google Chrome and Cisco
The HinduIn Google Chrome These vulnerabilities can be exploited by remote attackers by sending specially crafted requests to the targeted systems. In Cisco networking software The vulnerabilities in multiple Cisco products have reportedly been used by attackers to execute arbitrary code, access and disclose information and perform cross site scripting attacks on affected systems. The vulnerability that allows attackers to run arbitrary codes on the software exists in Cisco Adaptive security Device Manager due to lack of proper signature verification that exists between the ADM and the launcher. The vulnerability that can allow attackers to disclose information on systems running Cisco Adaptive Security Appliance and Cisco Firepower Threat Defense exists in the handling of RSA keys due to logic error. Vulnerabilities in Cisco software can also be exploited by attackers by installing maliciously crafted images on devices which when accessed by users can allow attackers to execute arbitrary code on the affected system.