情報源

CISA Current Activity
Cisco Releases Security Updates for Multiple Products
https://us-cert.cisa.gov/ncas/current-activity/2020/08/06/cisco-releases-security-updates-multiple-products

概要

– Cisco 250 Series Smart Switches
– Cisco 350 Series Managed Switches
– Cisco 350X Series Stackable Managed Switches
– Cisco 550X Series Stackable Managed Switches
– Cisco Small Business 200 Series Smart Switches
– Cisco Small Business 300 Series Managed Switches
– Cisco Small Business 500 Series Stackable Managed Switches
– Cisco DNA Center software 1.3.1.4 より前の 1.3 系バージョン
– Cisco StarOS が稼働しており、Vector Packet Processing (VPP) 機能が有効になっている次の製品

– Cisco AnyConnect Secure Mobility Client for Windows 4.9.00086 より前のバージョン
– Cisco Cloud Services Router 1000V Series
– Cisco Integrated Services Virtual Router (ISRv)
– Cisco Identity Services Engine (ISE)
– Cisco Enterprise NFV Infrastructure Software (NFVIS)

関連文書（英語）

Cisco Small Business Smart and Managed Switches Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbss-ipv6-dos-3bLk6vA

Cisco DNA Center Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dna-info-disc-3bz8BCgR

Cisco StarOS IPv6 Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr-dos-zJLJFgBf

Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-anyconnect-dll-F26WwJW

GRUB2 Arbitrary Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-grub2-code-exec-xLePCAPY

引用元：JPCERTコーディネーションセンター
「JPCERT/CC WEEKLY REPORT 2020-08-13」
https://www.jpcert.or.jp/wr/2020/wr203101.html