Cisco patched two high severity vulnerabilities found in the update feature of the Cisco Industrial Network Director (IND) software and the authentication service of Cisco Unified Presence (Cisco Unified CM IM&P Service, Cisco VCS, and Cisco Expressway Series) The remote code execution (RCE) flaw impacting Cisco IND is tracked as CVE-2019-1861 and it could allow potential authenticated remote attackers to execute arbitrary code on machines running the vulnerable software. The company issued software updates which address this vulnerability starting with Cisco IND 1.6.0.
Source: https://www.bleepingcomputer.com/news/security/cisco-fixes-high-severity-flaws-in-industrial-enterprise-tools/