One flaw would have allowed an attacker to use a "classical brute force" technique to discover account names, according to security troubleshooter Vigilante. Vigilante said the second flaw could freeze the access point and bring down the wireless access zone. Cisco posted advisories on the flaws Monday.
"To date, Cisco is not aware of any active exploitations of the vulnerability and is working closely with its customers as well as industry, government, academia and Internet security organizations to effectively address this issue," a Cisco representative said in a statement.
The Ciscocreates a 300-foot radius zone where laptops can wirelessly connect to the Web or a corporate computer network. At $600 each, the access points have been primarily a favorite of large businesses, a Cisco representative said.
The software patches were made available about nine days after Ciscoin its router software that could allow attackers to freeze Cisco routers and stop the flow of network data through the device.