Cisco PSIRT

May 8, 2019

SECURITY

Customers Deserve Transparency to Manage Risk

Regardless of how they are found, all vulnerabilities are investigated and publicly reported per our policies.

April 29, 2019

SECURITY

The PSIRT Services Framework: Helping the Industry Protect the Ecosystem

At Cisco, our leadership made the decision over twenty four years ago that we would clearly publicly communicate security vulnerabilities or other issues that could potentially expose customers to risk....

September 26, 2018

SECURITY

September 2018 Cisco IOS and IOS XE Software Bundled Publication

Today, September 26, 2018, we released the second and final Cisco IOS and IOS XE Software Security Advisory Bundled Publication of 2018.

August 10, 2018

SECURITY

Shining a Light on a New Way to Attack WPA2 Weaknesses

Throughout its history, wireless communication has been susceptible to eavesdropping. No matter the WPA standard, there will always be attempts to exploit weaknesses and breach privacy. 

June 22, 2018

SECURITY

Cisco PSIRT Notice About Public Exploitation of the Cisco ASA Web Services Denial of Service Vulnerability

With the security of our customers' networks being a top priority, we're actively raising awareness of a vulnerability affecting Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software.

March 28, 2018

SECURITY

March 2018 Cisco IOS and IOS XE Software Bundled Publication

Today, we released the first Cisco IOS and IOS XE Software Security Advisory Bundled Publication of 2018.

December 4, 2017

SECURITY

Introducing a New Addition to Cisco’s Security Impact Rating

The Cisco Product Security Incident Response Team (PSIRT) is introducing a new Security Impact Rating (SIR) for Cisco Security Advisories: Informational.

February 27, 2017

SECURITY

Cisco PSIRT – Mitigating and Detecting Potential Abuse of Cisco Smart Install Feature

A Cisco Security Response alerts about possible abuse of the Smart Install feature. While not considered a vulnerability, the Response provides guidance on how to protect their networks against abuse.

December 21, 2015

SECURITY

Update for Customers

Following a recent Juniper security bulletin discussing unauthorized code, we have fielded a number of related questions from our customers. Being trustworthy, transparent, and accountable is core to our team, so we are responding to these questions publicly. First, we have a “no backdoor” policy and our principles are published at trust.cisco.com Our development practices […]