"CISA, FBI Urge Immediate Action on OS Command Injection Vulnerabilities in Network Devices"
The US Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) have released a joint alert about the exploitation of OS command injection vulnerabilities in network edge devices. In response to recent intrusions exploiting vulnerabilities that impact Cisco NX-OS, Palo Alto Networks PAN-OS, and Ivanti Connect Secure, business leaders and device manufacturers are urged to eliminate OS command injection vulnerabilities at the source. OS command injection vulnerabilities occur when manufacturers improperly validate and sanitize user input when constructing commands to execute on the OS. This article continues to discuss the joint alert on OS command injection vulnerabilities in network edge devices.
Submitted by grigby1