On Wednesday, January 22, Cisco released updates to address three vulnerabilities: a critical privilege elevation issue in the REST API of Cisco Meeting Management; a high-severity denial-of-service vulnerability in the SIP processing subsystem of Cisco BroadWorks; and a medium-severity heap-based buffer overflow vulnerability in the ClamAV Object Linking and Embedding 2 (OLE2) decryption routine. More https://www.helpnetsecurity.com/2025/01/23/cisco-clamav-cve-2025-20128-meeting-management-cve-2025-20156/
