Author Archives: Poseidon

Cisco ThousandEyes Enterprise Agent Arbitrary File Overwrite Vulnerability

A vulnerability in the CLI of Cisco ThousandEyes Enterprise Agent could allow an authenticated, local attacker with low privileges to overwrite arbitrary files on the local system of an affected device. This vulnerability is due to improper access controls on files that are on the local file system of an affected device. An attacker could exploit this vulnerability by placing a symbolic link in a specific location on the local file system. A successful exploit could allow the attacker to bypass file system permissions and overwrite arbitrary files on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-te-agentfilewrite-tqUw3SMU Security Impact Rating: Medium CVE: CVE-2026-20161
http://news.poseidon-us.com/TS3HSy

Cisco Unity Connection Arbitrary File Download Vulnerabilities

Multiple vulnerabilities in Cisco Unity Connection could allow an authenticated, remote attacker to download arbitrary files from an affected system. To exploit these vulnerabilities, the attacker must have valid administrative credentials.  These vulnerabilities are due to improper sanitization of user input to the web-based management interface. An attacker could exploit these vulnerabilities by sending a crafted HTTPS request. A successful exploit could allow the attacker to download arbitrary files from an affected system. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-file-download-RmKEVWPx Security Impact Rating: Medium CVE: CVE-2026-20078,CVE-2026-20081
http://news.poseidon-us.com/TS3HSj

Cisco Unity Connection Cross-Site Scripting, Open Redirect, and SQL Injection Vulnerabilities

Multiple vulnerabilities in Cisco Unity Connection could allow a remote attacker to conduct a cross-site scripting (XSS) attack, an open redirect attack, and an SQL injection attack. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-unity-vulns-n2EJSbbw Security Impact Rating: Medium CVE: CVE-2026-20059,CVE-2026-20060,CVE-2026-20061
http://news.poseidon-us.com/TS3HRF

Cisco Webex Contact Center Cross-Site Scripting Vulnerability

A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This vulnerability existed because HTML and script content was not properly handled. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by persuading a user to follow a malicious link. A successful exploit could have allowed the attacker to steal sensitive information from the browser, including authentication and session information. As mentioned, Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is necessary to update on-premises software or devices. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webexcc-xss-WEX5nUnA Security Impact Rating: Medium CVE: CVE-2026-20170
http://news.poseidon-us.com/TS3HQw

Cisco Secure Web Appliance Authentication Bypass Vulnerability

A vulnerability in the authentication service feature of Cisco AsyncOS Software for Cisco Secure Web Appliance could allow an unauthenticated, remote attacker to bypass authentication policy requirements. This vulnerability is due to improper validation of user-supplied authentication input in HTTP requests. An attacker could exploit this vulnerability by sending HTTP requests that contain specific authentication requests to an affected device. A successful exploit could allow the attacker to bypass policy enforcement on the device. There is no direct impact to the Cisco Secure Web Appliance. However, as a result of exploiting this vulnerability, an attacker could send HTTP requests that should be restricted through the device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wsa-auth-bypass-6YZkTQhd Security Impact Rating: Medium CVE: CVE-2026-20152
http://news.poseidon-us.com/TS3HQk

Cisco Identity Services Engine Remote Code Execution Vulnerabilities

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit these vulnerabilities, the attacker must have at least Read Only Admin credentials. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. In single-node Cisco ISE deployments, successful exploitation of these vulnerabilities could cause the affected ISE node to become unavailable, resulting in a denial of service (DoS) condition. In that condition, endpoints that have not already authenticated would be unable to access the network until the node is restored. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv Security Impact Rating: Critical CVE: CVE-2026-20180,CVE-2026-20186
http://news.poseidon-us.com/TS3HQY

Cisco Webex Services Certificate Validation Vulnerability

A vulnerability in the integration of single sign-on (SSO) with Control Hub in Cisco Webex Services could have allowed an unauthenticated, remote attacker to impersonate any user within the service. This vulnerability existed because of improper certificate validation. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by connecting to a service endpoint and supplying a crafted token. A successful exploit could have allowed the attacker to gain unauthorized access to legitimate Cisco Webex services. Cisco has addressed this vulnerability in the Cisco Webex service. However, customer action is necessary for affected organizations that are using SSO integration. There are no workarounds that address this vulnerability. To avoid service interruption, customers who are using SSO should upload a new identity provider (IdP) SAML certificate to Control Hub. For more information, see Manage single sign-on integration in Control Hub. This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL Security Impact Rating: Critical CVE: CVE-2026-20184
http://news.poseidon-us.com/TS3HQ3

Capsule Security debuts with $7 million funding to secure AI agent behavior

Capsule Security has launched from stealth with a $7 million seed round led by Lama Partners and Forgepoint Capital International. It prevents AI agents from being manipulated, misbehaving, or silently exfiltrating data when handling sensitive information and executing workflows. Capsule is advised by security juggernauts who have put their trust in the company’s innovative approach, including Chris Krebs, the first Director of CISA; Omer Grossman, former Global CIO at CyberArk; Jim Routh, former CISO across … More → The post Capsule Security debuts with $7 million funding to secure AI agent behavior appeared first on Help Net Security.
http://news.poseidon-us.com/TS3DCb

Broadcom introduces zero-trust runtime for scalable AI agents

Broadcom has announced VMware Tanzu Platform agent foundations, introducing a secure-by-default agentic runtime designed to accelerate the delivery of autonomous AI applications. By extending the trusted code-to-production simplicity of Tanzu Platform to AI agents, Broadcom is enabling enterprise developers to move beyond siloed AI experiments and into scalable, governed production on VMware Cloud Foundation (VCF). From experimental AI to enterprise reality As AI agents begin to handle both software execution and autonomous decision-making, they require … More → The post Broadcom introduces zero-trust runtime for scalable AI agents appeared first on Help Net Security.
http://news.poseidon-us.com/TS3DBG

Bitdefender extends GravityZone with continuous email threat protection

Bitdefender has launched GravityZone Extended Email Security, unifying email and endpoint protection in one platform. Built for organizations and MSPs, it uses an ICES approach to deliver continuous protection against modern email threats, including phishing, BEC, ransomware, impersonation, and insider attacks. “Email threats are growing more sophisticated and effective as total business email compromise-related payments crossed the $6 billion threshold in 2024,” according to Gartner. In a global survey of 1,200 IT and security professionals, … More → The post Bitdefender extends GravityZone with continuous email threat protection appeared first on Help Net Security.
http://news.poseidon-us.com/TS3D9z