Cisco has released updates to address nine security flaws in its Small Business Series Switches, which could allow an unauthenticated attacker to remotely execute arbitrary code, cause a denial-of-service (DoS) condition, or read unauthorized information. Four of the vulnerabilities have been rated as critical, with a score of 9.8 out of 10 on the CVSS scoring system. The updates are available for 250 Series Smart Switches, 350 Series Managed Switches, 350X Series Stackable Managed Switches, 550X Series Stackable Managed Switches, Business 250 Series Smart Switches, and Business 350 Series Managed Switches. However, the Small Business 200 Series Smart Switches, Small Business 300 Series Managed Switches, and Small Business 500 Series Stackable Managed Switches have entered the end-of-life process and will not be patched. Proof-of-concept (PoC) exploit code is available, but Cisco has not observed any malicious exploitation in the wild. Users are urged to apply the patches to mitigate potential threats.
Source: Hackernews
To mitigate these potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.