On Jan 1, 2020 all self signed certificates that were generated on IOS/IOS-XE platforms got expired. After that time your device will not be able to generate self signed certificates.
There are some work arounds :
- Obtain a valid certificate from a 3rd part Certificate Authority
- Use the IOS CA Server to generate a new certificate
- Use OpenSSL to generate a new self-signed certificate
- Update your system, if possible, to a fixed SSC IOS version
Systems affected :
- All IOS 12.x
- all IOS 15.x prior to 15.6(3)M7, 15.7(3)M5, 15.8(3)M3, 15.9(3)M
- all IOS-XE prior to 16.9.1
You can find more information here.
Cisco announced a remote code execution vulnerability that affects telnet on catalyst series devices. Once again this has to do with the documents leaked by Wikileaks, known as Vault 7.
Cisco recommends to enable only SSH access on the devices affected, if possible. For devices that do not support SSH, VTY access lists may be applied to reduce the risk.
More information about the vulnerability and the devices affected, can be found here.
This is for those who are having the HTTP service of mikrotik activated on the internet.
On March 2017 Wikileaks published some documents that supposed to belong to CIA under the name of Vault 7, describing that CIA has an exploit called “ChimayRed” by which can inject malicious code on RouterOS if the HTTP service is not protected.
You can find info and information on solving this, here.