Cisco is advising administrators to update systems following the discovery of a remote code execution vulnerability in Security Agent 6.0.
The flaw could allow an attacker to remotely target the Oracle Outside component for the Fusion Middleware platform to access the Cisco software on Windows systems.
Cisco said in a security advisory that successful exploitation would allow the attacker to execute code and control the targeted system with administrator rights.
Cisco has released a free patch and is advising customers to obtain the Cisco Security Agent 18.104.22.168 fix through their service provider or hardware retailer. No other mitigations for the vulnerability are known.
Proof-of-concept code for the flaw has been posted, but Cisco has not received any reports of the vulnerability being exploited in the wild. No other products or components are believed to be affected.
The fix follows recent patches from Microsoft and Oracle. The Microsoft monthly patch included fixes for Silverlight and Internet Explorer, while the Oracle update contained 56 patches addressing issues in Fusion Middleware, Linux and Sun software platforms.
New regulation expected to cut greenhouse gas emissions by about 17 million metric tonnes between 2020 and 2050
Molybdenum ditelluride is a two-dimensional material that can be easily stacked into multiple layers to create a memory cell
New light-guiding nanoscale device can control and monitor a nanoparticle trapped in a laser beam with high sensitivity
Optical traps are scientific instruments in which a focused laser beam is used to exert an attractive or repulsive force on a microscopic object to hold it in place
Scientists estimate that the exoplanet has already lost up to 35 per cent of its mass over its lifetime