A critical vulnerability in the on-premises version of the Cisco Secure Workload security platform could allow a threat actor to obtain the privileges of a site admin, enabling them to compromise endpoints and read or modify configuration data.
“CSOs need to drop what they are doing and patch this immediately,” warned consultant Robert Enderle, who heads the Enderle Group. “Cisco Secure Workload manages zero trust, micro-segmentation, and enterprise-wide network visibility. If an attacker controls the platform that dictates your security policies, they effectively own the map and the keys to your entire network kingdom.”
“This is the absolute worst-case scenario,” he added. “Because of how v...