Alert GCSA-26050 - Vulnerabilita' in Cisco IOS e IOS XE
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
******************************************************************
alert ID: GCSA-26050
data: 27 marzo 2026
titolo: Vulnerabilita' in Cisco IOS e IOS XE
******************************************************************
:: Descrizione del problema
Cisco ha rilasciato la pubblicazione "bundled marzo 2026" degli avvisi di sicurezza
per i software Cisco IOS e IOS XE.
La pubblicazione include 12 avvisi che descrivono 12 vulnerabilita' di gravita' medio-alta,
ed i relativi aggiornamenti che le risolvono.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Apparati interessati
Apparati Cisco IOS e IOS XE
Per una descrizione completa dei dispositivi interessati, si prega di fare riferimento
ai Security Advisories ufficiali.
:: Impatto
Denial of Service (DoS)
Esecuzione remota di codice arbitrario (RCE)
Accesso a dati riservati (ID)
Bypass delle funzionalita' di sicurezza (SFB)
Acquisizione di privilegi piu' elevati (EoP)
:: Soluzioni
Si consiglia di valutare l'impatto delle vulnerabilita' sui dispositivi in uso,
e di aggiornare il prima possibile.
E' possibile utilizzare Cisco Software Checker
https://sec.cloudapps.cisco.com/security/center/softwarechecker.x
per determinare il patching appropriato.
Prima dell'installazione del software consultare il sito del fornitore per maggiori dettagli.
:: Riferimenti
Cisco Security Advisories
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
March 2026 Cisco IOS and IOS XE Software Security Advisory Bundled Publication
https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75297
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-kPEpQGGK
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bootp-WuBhNBxA
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-http-dos-sbv8XRpL
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-lobby-privesc-KwxBqJy
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mntc-dos-LZweQcyq
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-tls-dos-TVgLDEZL
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe_infodis-6J847uEB
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-crlf-NvgKTKJZ
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-xss-LpGkzwtJ
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-scp-dos-duAdXtCg
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-hnX5KGOm
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xe-secureboot-bypass-B6uYxYSZ
SecurityWeek
https://www.securityweek.com/cisco-patches-multiple-vulnerabilities-in-ios-software/
Mitre CVE
https://www.cve.org/CVERecord?id=CVE-2026-20004
https://www.cve.org/CVERecord?id=CVE-2026-20012
https://www.cve.org/CVERecord?id=CVE-2026-20083
https://www.cve.org/CVERecord?id=CVE-2026-20084
https://www.cve.org/CVERecord?id=CVE-2026-20086
https://www.cve.org/CVERecord?id=CVE-2026-20104
https://www.cve.org/CVERecord?id=CVE-2026-20110
https://www.cve.org/CVERecord?id=CVE-2026-20112
https://www.cve.org/CVERecord?id=CVE-2026-20113
https://www.cve.org/CVERecord?id=CVE-2026-20114
https://www.cve.org/CVERecord?id=CVE-2026-20115
https://www.cve.org/CVERecord?id=CVE-2026-20125
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCacadUAAKCRDBnEyTZRJg
QjFEAKDXcSL0GOvhz5u4CtFAmTyU7N947gCgkVVveZKfqyTPXb/gasVyBJV+QR8=
=v3yj
-----END PGP SIGNATURE-----
Hash: SHA256
******************************************************************
alert ID: GCSA-26050
data: 27 marzo 2026
titolo: Vulnerabilita' in Cisco IOS e IOS XE
******************************************************************
:: Descrizione del problema
Cisco ha rilasciato la pubblicazione "bundled marzo 2026" degli avvisi di sicurezza
per i software Cisco IOS e IOS XE.
La pubblicazione include 12 avvisi che descrivono 12 vulnerabilita' di gravita' medio-alta,
ed i relativi aggiornamenti che le risolvono.
Maggiori informazioni sono disponibili alla sezione "Riferimenti".
:: Apparati interessati
Apparati Cisco IOS e IOS XE
Per una descrizione completa dei dispositivi interessati, si prega di fare riferimento
ai Security Advisories ufficiali.
:: Impatto
Denial of Service (DoS)
Esecuzione remota di codice arbitrario (RCE)
Accesso a dati riservati (ID)
Bypass delle funzionalita' di sicurezza (SFB)
Acquisizione di privilegi piu' elevati (EoP)
:: Soluzioni
Si consiglia di valutare l'impatto delle vulnerabilita' sui dispositivi in uso,
e di aggiornare il prima possibile.
E' possibile utilizzare Cisco Software Checker
https://sec.cloudapps.cisco.com/security/center/softwarechecker.x
per determinare il patching appropriato.
Prima dell'installazione del software consultare il sito del fornitore per maggiori dettagli.
:: Riferimenti
Cisco Security Advisories
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
March 2026 Cisco IOS and IOS XE Software Security Advisory Bundled Publication
https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75297
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-kPEpQGGK
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bootp-WuBhNBxA
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-http-dos-sbv8XRpL
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-lobby-privesc-KwxBqJy
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mntc-dos-LZweQcyq
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-tls-dos-TVgLDEZL
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe_infodis-6J847uEB
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-crlf-NvgKTKJZ
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-xss-LpGkzwtJ
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-scp-dos-duAdXtCg
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-hnX5KGOm
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xe-secureboot-bypass-B6uYxYSZ
SecurityWeek
https://www.securityweek.com/cisco-patches-multiple-vulnerabilities-in-ios-software/
Mitre CVE
https://www.cve.org/CVERecord?id=CVE-2026-20004
https://www.cve.org/CVERecord?id=CVE-2026-20012
https://www.cve.org/CVERecord?id=CVE-2026-20083
https://www.cve.org/CVERecord?id=CVE-2026-20084
https://www.cve.org/CVERecord?id=CVE-2026-20086
https://www.cve.org/CVERecord?id=CVE-2026-20104
https://www.cve.org/CVERecord?id=CVE-2026-20110
https://www.cve.org/CVERecord?id=CVE-2026-20112
https://www.cve.org/CVERecord?id=CVE-2026-20113
https://www.cve.org/CVERecord?id=CVE-2026-20114
https://www.cve.org/CVERecord?id=CVE-2026-20115
https://www.cve.org/CVERecord?id=CVE-2026-20125
GARR CERT Security Alert - subscribe/unsubscribe:
https://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
iF0EAREIAB0WIQTGpdiR5MqstacBGHbBnEyTZRJgQgUCacadUAAKCRDBnEyTZRJg
QjFEAKDXcSL0GOvhz5u4CtFAmTyU7N947gCgkVVveZKfqyTPXb/gasVyBJV+QR8=
=v3yj
-----END PGP SIGNATURE-----