Fortinet All BlogsFrom Insight to Action: What the 2025 SANS ICS/OT Security Report Means for YouFri, 5 Dec 2025 14:00:00 +0000 Learn how to turn critical findings from the SANS State of ICS/OT Security 2025 report into practical steps to strengthen your industrial cyber resilience. UDPGangster Campaigns Target Multiple CountriesThu, 4 Dec 2025 14:00:00 +0000 FortiGuard Labs uncovers UDPGangster campaigns linked to MuddyWater, using macro-laden phishing lures, evasion techniques, and UDP backdoors to target multiple countries SD-WAN Is the Foundation of Every Successful SASE StrategyWed, 3 Dec 2025 16:00:00 +0000 Discover why Secure SD-WAN is the essential foundation for SASE, enabling unified management, stronger security, and optimized cloud performance. Fortinet Named a Challenger in the 2025 Gartner® Magic Quadrant™ for Email Security ReportWed, 3 Dec 2025 16:00:00 +0000 Fortinet named a Challenger in the Gartner Magic Quadrant for Email Security Fortinet at AWS re:Invent 2025: Expanding What’s Possible in Cloud SecurityTue, 2 Dec 2025 16:00:00 +0000 At AWS re:Invent, Fortinet is proud to support several key AWS launches that make securing the cloud simpler, smarter, and more integrated than ever. New eBPF Filters for Symbiote and BPFdoor MalwareTue, 2 Dec 2025 14:00:00 +0000 FortiGuard Labs discovered new Symbiote and BPFDoor variants exploiting eBPF filters to enhance stealth through IPv6 support, UDP traffic, and dynamic port hopping for covert C2 communication. ShadowV2 Casts a Shadow Over IoT Devices | FortiGuard LabWed, 26 Nov 2025 14:00:00 +0000 ShadowV2, a new Mirai-based botnet targeting IoT devices, surfaced during the recent AWS outage. FortiGuard Labs examines its propagation, DDoS capabilities, and global footprint. Cyberthreats Targeting the 2025 Holiday Season: What CISOs Need to KnowTue, 25 Nov 2025 14:00:00 +0000 Cybercriminal activity is surging ahead of the 2025 holiday season. Deceptive domains, stolen accounts, and e-commerce attacks are accelerating. Here’s what leaders need to know. Inside the Industrialization of Cybercrime: What to Expect in 2026Fri, 21 Nov 2025 14:00:00 +0000 Fortinet’s 2026 Cyberthreat Predictions Report examines how cybercrime is evolving into an industrialized, AI-driven ecosystem and how CISOs can adapt by unifying threat intelligence, exposure management, and machine-speed defense. Fortinet Strengthens AWS Network Security with AI-Driven IPS Rule EnhancementsWed, 19 Nov 2025 17:00:00 +0000 Fortinet introduces Managed IPS Rules for AWS Network Firewall, enhanced by FortiGuard AI-Powered Security Services, to deliver continuously updated, automated intrusion prevention and simplified cloud security. |
Microsoft Security BlogMicrosoft named a leader in the 2025 Gartner® Magic Quadrant™ for Email SecurityFri, 05 Dec 2025 20:00:00 +0000 Microsoft has been named a Leader in the 2025 Gartner® Magic Quadrant™ for Email Security, which we believe highlights the innovative capabilities of Microsoft Defender for Office 365. The post Microsoft named a leader in the 2025 Gartner® Magic Quadrant™ for Email Security appeared first on Microsoft Security Blog. Cybersecurity strategies to prioritize nowThu, 04 Dec 2025 17:00:00 +0000 In this article, Damon Becknel, Vice President and Deputy CISO for Regulated Industries at Microsoft, outlines four things to prioritize doing now. The post Cybersecurity strategies to prioritize now appeared first on Microsoft Security Blog. How to build forward-thinking cybersecurity teams for tomorrowTue, 02 Dec 2025 17:00:00 +0000 To secure the future, we must future-proof our cybersecurity talent and develop teams that are agile, innovative, and perpetually learning. The post How to build forward-thinking cybersecurity teams for tomorrow appeared first on Microsoft Security Blog. Charting the future of SOC: Human and AI collaboration for better securityTue, 25 Nov 2025 17:00:00 +0000 This blog shares our journey and insights from building autonomous AI agents for MDR operations and explores how the shift to a GenAI-powered SOC redefines collaboration between humans and AI. The post Charting the future of SOC: Human and AI collaboration for better security appeared first on Microsoft Security Blog. Microsoft named a Leader in the Gartner® Magic Quadrant™ for Access Management for the ninth consecutive yearFri, 21 Nov 2025 17:00:00 +0000 We’re happy to share that Microsoft has been recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Access Management for the ninth consecutive year. The post Microsoft named a Leader in the Gartner® Magic Quadrant™ for Access Management for the ninth consecutive year appeared first on Microsoft Security Blog. Agents built into your workflow: Get Security Copilot with Microsoft 365 E5Tue, 18 Nov 2025 16:00:00 +0000 At Microsoft Ignite 2025, we are not just announcing new features—we are redefining what’s possible, empowering security teams to shift from reactive responses to proactive strategies. The post Agents built into your workflow: Get Security Copilot with Microsoft 365 E5 appeared first on Microsoft Security Blog. Ambient and autonomous security for the agentic eraTue, 18 Nov 2025 16:00:00 +0000 In the agentic era, security must be ambient and autonomous, like the AI it protects. This is our vision for security, where security becomes the core primitive. The post Ambient and autonomous security for the agentic era appeared first on Microsoft Security Blog. Collaborative research by Microsoft and NVIDIA on real-time immunityMon, 17 Nov 2025 17:03:54 +0000 Read about Microsoft and NVIDIA joint research on real-time immunity. The post Collaborative research by Microsoft and NVIDIA on real-time immunity appeared first on Microsoft Security Blog. Securing our future: November 2025 progress report on Microsoft’s Secure Future Initiative Mon, 10 Nov 2025 17:00:00 +0000 When we launched the Secure Future Initiative, our mission was clear: accelerate innovation, strengthen resilience, and lead the industry toward a safer digital future. Today, we’re sharing our latest progress report that reflects steady progress in every area and engineering pillar, underscoring our commitment to security above all else. The post Securing our future: November 2025 progress report on Microsoft’s Secure Future Initiative appeared first on Microsoft Security Blog. Whisper Leak: A novel side-channel attack on remote language modelsFri, 07 Nov 2025 17:00:00 +0000 Microsoft has discovered a side-channel attack on language models which allows adversaries to conclude model conversation topics, despite being encrypted. The post Whisper Leak: A novel side-channel attack on remote language models appeared first on Microsoft Security Blog. |
Cisco Security AdvisoryRemote Code Execution Vulnerability in React and Next.js Frameworks: December 20252025-12-06 18:27:02.0
On December 3, 2025, the React team released a security advisory regarding a vulnerability, CVE-2025-55182, in the React server that could allow an unauthenticated, remote attacker to perform remote code execution on an affected device or system. For a description of this vulnerability, see the public React Security Advisory. Cisco's standard practice is to update integrated third-party software components to later versions as they become available. This advisory will be updated as additional information becomes available. This advisory is available at the following link: Cisco Identity Services Engine Reflected Cross-Site Scripting and Information Disclosure Vulnerabilities2025-12-04 14:23:54.0
Multiple vulnerabilities in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to either disclose sensitive information or conduct a reflected cross-site scripting (XSS) attack. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: Multiple Cisco Contact Center Products Vulnerabilities2025-11-18 14:49:09.0
Multiple vulnerabilities in Cisco Unified Contact Center Express (Unified CCX), Cisco Unified Contact Center Enterprise (Unified CCE), Cisco Packaged Contact Center Enterprise (Packaged CCE), and Cisco Unified Intelligence Center (CUIC) could allow an authenticated, remote attacker to disclose sensitive information, download arbitrary files, execute arbitrary commands, and elevate privileges to root. To exploit these vulnerabilities, the attacker must have valid credentials. For more information about these vulnerabilities, see the Details section of this advisory. This advisory is available at the following link: Cisco Catalyst Center Virtual Appliance HTTP Open Redirect Vulnerability2025-11-13 16:00:00.0
A vulnerability in the web-based management interface of Cisco Catalyst Center Virtual Appliance could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a malicious web page. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Catalyst Center Privilege Escalation Vulnerability2025-11-13 16:00:00.0
A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control (RBAC). An attacker could exploit this vulnerability by logging in to an affected system and modifying certain policy configurations. A successful exploit could allow the attacker to modify policy configurations that are reserved for the Administrator role. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Catalyst Center Cross-Site Scripting Vulnerability2025-11-13 16:00:00.0
A vulnerability in the web-based management interface of Cisco Catalyst Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Catalyst Center REST API Command Injection Vulnerability2025-11-13 16:00:00.0
A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote attacker to execute arbitrary commands in a restricted container as the root user. This vulnerability is due to insufficient validation of user-supplied input in REST API request parameters. An attacker could exploit this vulnerability by sending a crafted API request to an affected device. A successful exploit could allow the attacker to inject arbitrary commands that would then be executed in a restricted container with root privileges. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Catalyst Center Virtual Appliance Privilege Escalation Vulnerability2025-11-13 16:00:00.0
A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system. A successful exploit could allow the attacker to perform unauthorized modifications to the system, including creating new user accounts or elevating their own privileges on an affected system. To exploit this vulnerability, the attacker must have valid credentials for a user account with at least the role of Observer. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Unified Contact Center Express Remote Code Execution Vulnerabilities2025-11-13 12:48:42.0
Multiple vulnerabilities in the Java Remote Method Invocation (RMI) process of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to upload arbitrary files, bypass authentication, execute arbitrary commands, and elevate privileges to root. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Unauthorized Access Vulnerability2025-11-06 23:50:55.0
Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial of service (DoS) conditions. Cisco strongly recommends that all customers upgrade to the fixed software releases that are listed in the Fixed Software section of this advisory. A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication. Cisco has released software updates that address this vulnerability. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: For more information on the vulnerability that is described in this advisory, see Cisco Event Response: Continued Attacks Against Cisco Firewall Platforms. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20362Cisco Secure Firewall Adaptive Security Appliance Software and Secure Firewall Threat Defense Software VPN Web Server Remote Code Execution Vulnerability2025-11-06 15:50:54.0
Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial of service (DoS) conditions. Cisco strongly recommends that all customers upgrade to the fixed software releases that are listed in the Fixed Software section of this advisory. A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device. Cisco has released software updates that address this vulnerability. Cisco continues to strongly recommend that customers upgrade to a fixed software release to remediate this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: For more information on the vulnerability that is described in this advisory, see Cisco Event Response: Continued Attacks Against Cisco Firewall Platforms. <br/>Security Impact Rating: Critical <br/>CVE: CVE-2025-20333Cisco Secure Firewall Adaptive Security Appliance Software, Secure Firewall Threat Defense Software, IOS Software, IOS XE Software, and IOS XR Software Web Services Remote Code Execution Vulnerability2025-11-06 15:50:51.0
A vulnerability in the web services of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, Cisco Secure Firewall Threat Defense (FTD) Software, Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, remote attacker (Cisco ASA and FTD Software) or authenticated, remote attacker (Cisco IOS, IOS XE, and IOS XR Software) with low user privileges to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web service on an affected device after obtaining additional information about the system, overcoming exploit mitigations, or both. A successful exploit could allow the attacker to execute arbitrary code as root, which may lead to the complete compromise of the affected device. For more information about this vulnerability, see the Details section of this advisory. Cisco has released software updates that address this vulnerability and strongly recommends that customers upgrade to a fixed software release. There are no workarounds that address this vulnerability. This advisory is available at the following link: For more information on the vulnerability that is described in this advisory, see Cisco Event Response: Continued Attacks Against Cisco Firewall Platforms. <br/>Security Impact Rating: Critical <br/>CVE: CVE-2025-20363Cisco Identity Services Engine RADIUS Suppression Denial of Service Vulnerability2025-11-05 16:00:00.0
A vulnerability in the RADIUS setting Reject RADIUS requests from clients with repeated failures on Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause Cisco ISE to restart unexpectedly. This vulnerability is due to a logic error when processing a RADIUS access request for a MAC address that is already a rejected endpoint. An attacker could exploit this vulnerability by sending a specific sequence of multiple crafted RADIUS access request messages to Cisco ISE. A successful exploit could allow the attacker to cause a denial of service (DoS) condition when Cisco ISE restarts. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: Cisco BroadWorks CommPilot Application Software Cross-Site Scripting Vulnerability2025-10-21 15:13:31.0
A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot Application Software could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities2025-10-15 23:00:00.0
Multiple vulnerabilities in Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 running Cisco Session Initiation Protocol (SIP) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or conduct a cross-site scripting (XSS) attack against a user of the web UI. Note: To exploit these vulnerabilities, the phone must be registered to Cisco Unified Communications Manager and have Web Access enabled. Web Access is disabled by default. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: Cisco TelePresence Collaboration Endpoint and RoomOS Software Information Disclosure Vulnerability2025-10-15 16:00:00.0
A vulnerability in the logging component of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an authenticated, remote attacker to view sensitive information in clear text on an affected system. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability exists because certain unencrypted credentials are stored when SIP media component logging is enabled. An attacker could exploit this vulnerability by accessing the audit logs on an affected system and obtaining credentials to which they may not normally have access. A successful exploit could allow the attacker to use those credentials to access confidential information, some of which may contain personally identifiable information (PII). Note: To access the logs that are stored in the Webex Cloud or stored on the device itself, an attacker must have valid administrative credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Multiple Cisco Products Snort 3 MIME Denial of Service Vulnerabilities2025-10-15 16:00:00.0
Multiple Cisco products are affected by vulnerabilities in the HTTP Multipurpose Internet Mail Extensions (MIME) Decoder that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to leak possible sensitive information or to restart. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: Cisco IOS XE Software Secure Boot Bypass Vulnerabilities2025-10-15 15:57:29.0
Multiple vulnerabilities in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to an affected device to execute persistent code at boot time and break the chain of trust. These vulnerabilities are due improper validation of software packages. An attacker could exploit these vulnerabilities by placing a crafted file into a specific location on an affected device. A successful exploit could allow the attacker to execute persistent code on the underlying operating system. Because these vulnerabilities allow an attacker to bypass a major security feature of a device, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20313,CVE-2025-20314Cisco IOS and IOS XE Software SNMP Denial of Service and Remote Code Execution Vulnerability2025-10-07 01:27:02.0
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow the following:
An attacker could exploit this vulnerability by sending a crafted SNMP packet to an affected device over IPv4 or IPv6 networks. This vulnerability is due to a stack overflow condition in the SNMP subsystem of the affected software. A successful exploit could allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition, or allow a high-privileged attacker to execute arbitrary code as the root user and obtain full control of the affected system. Note: This vulnerability affects all versions of SNMP. Cisco has released software updates that addresses this vulnerability. There are no workarounds that address this vulnerability. There is a mitigation that addresses this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20352Cisco IOS and IOS XE Software TACACS+ Authentication Bypass Vulnerability2025-10-01 23:39:50.0
A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required TACACS+ shared secret is configured. A machine-in-the-middle attacker could exploit this vulnerability by intercepting and reading unencrypted TACACS+ messages or impersonating the TACACS+ server and falsely accepting arbitrary authentication requests. A successful exploit could allow the attacker to view sensitive information in a TACACS+ message or bypass authentication and gain access to the affected device. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20160Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability2025-10-01 16:00:00.0
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, the attacker must have valid administrative credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Cyber Vision Center Stored Cross-Site Scripting Vulnerabilities2025-10-01 16:00:00.0
Multiple vulnerabilities in the web-based management interface of Cisco Cyber Vision Center could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. These vulnerabilities exist because the web-based management interface of an affected system does not sufficiently validate user-supplied input. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit CVE-2025-20356, the attacker must have valid administrative credentials that allow access to the Sensor Explorer page. By default, Admin and Product user roles have this access, as do any custom users that are configured to allow access to the Sensors page. To exploit CVE-2025-20357, the attacker must have valid administrative credentials that allow access to the Reports page. By default, all pre-defined user roles have this access, as do any custom users that are configured to allow access to the Reports page. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: Cisco IOS XE Software for Catalyst 9000 Series Switches Denial of Service Vulnerability2025-09-30 14:26:46.0
A vulnerability in the handling of certain Ethernet frames in Cisco IOS XE Software for Catalyst 9000 Series Switches could allow an unauthenticated, adjacent attacker to cause an egress port to become blocked and drop all outbound traffic. This vulnerability is due to improper handling of crafted Ethernet frames. An attacker could exploit this vulnerability by sending crafted Ethernet frames through an affected switch. A successful exploit could allow the attacker to cause the egress port to which the crafted frame is forwarded to start dropping all frames, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20311Cisco Access Point Software Intermittent IPv6 Gateway Change Vulnerability2025-09-26 16:35:51.0
A vulnerability in the IPv6 Router Advertisement (RA) packet processing of Cisco Access Point Software could allow an unauthenticated, adjacent attacker to modify the IPv6 gateway on an affected device. This vulnerability is due to a logic error in the processing of IPv6 RA packets that are received from wireless clients. An attacker could exploit this vulnerability by associating to a wireless network and sending a series of crafted IPv6 RA packets. A successful exploit could allow the attacker to temporarily change the IPv6 gateway of an affected device. This could also lead to intermittent packet loss for any wireless clients that are associated with the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco IOS XE Software Web Authentication Reflected Cross-Site Scripting Vulnerability2025-09-26 16:35:50.0
A vulnerability in the Web Authentication feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting attack (XSS) on an affected device. This vulnerability is due to improper sanitization of user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute a reflected XSS attack and steal user cookies from the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20240Cisco IOS and IOS XE Software CLI Denial of Service Vulnerability2025-09-24 23:00:00.0
A vulnerability in the CLI of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buffer overflow. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the CLI prompt. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20149Cisco IOS XE Software for Catalyst 9800 Series Wireless Controller for Cloud Unauthenticated Access to Certificate Enrollment Service Vulnerability2025-09-24 16:00:00.0
A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud (9800-CL) could allow an unauthenticated, remote attacker to access the public-key infrastructure (PKI) server that is running on an affected device. This vulnerability is due to incomplete cleanup upon completion of the Day One setup process. An attacker could exploit this vulnerability by sending Simple Certificate Enrollment Protocol (SCEP) requests to an affected device. A successful exploit could allow the attacker to request a certificate from the virtual wireless controller and then use the acquired certificate to join an attacker-controlled device to the virtual wireless controller. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20293Cisco IOS XE Software Simple Network Management Protocol Denial of Service Vulnerability2025-09-24 16:00:00.0
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when parsing a specific SNMP request. An attacker could exploit this vulnerability by sending a specific SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMPv2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMPv3, the attacker must have valid SNMP user credentials for the affected system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. However, there is a mitigation. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20312Cisco IOS XE Software Network-Based Application Recognition Denial of Service Vulnerability2025-09-24 16:00:00.0
A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, causing a denial of service (DoS) condition. This vulnerability is due to improper handling of malformed Control and Provisioning of Wireless Access Points (CAPWAP) packets. An attacker could exploit this vulnerability by sending malformed CAPWAP packets through an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. However, there is a mitigation. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20315Cisco IOS XE Software CLI Argument Injection Vulnerability2025-09-24 16:00:00.0
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by logging in to the device CLI with valid administrative (level 15) credentials and using crafted commands at the CLI prompt. A successful exploit could allow the attacker to execute arbitrary commands as root. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20338Cisco IOS XE Software HTTP API Command Injection Vulnerability2025-09-24 16:00:00.0
A vulnerability in the HTTP API subsystem of Cisco IOS XE Software could allow a remote attacker to inject commands that will execute with root privileges into the underlying operating system. This vulnerability is due to insufficient input validation. An attacker with administrative privileges could exploit this vulnerability by authenticating to an affected system and performing an API call with crafted input. Alternatively, an unauthenticated attacker could persuade a legitimate user with administrative privileges who is currently logged in to the system to click a crafted link. A successful exploit could allow the attacker to execute arbitrary commands as the root user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20334Cisco IOS Software Industrial Ethernet Switch Device Manager Denial of Service Vulnerability2025-09-24 16:00:00.0
A vulnerability in the web UI of Cisco IOS Software could allow an authenticated, remote attacker with low privileges to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation. An attacker could exploit this vulnerability by sending a crafted URL in an HTTP request. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. There is a mitigation that addresses this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Cisco SD-WAN vEdge Software Access Control List Bypass Vulnerability2025-09-24 16:00:00.0
A vulnerability in the access control list (ACL) processing of IPv4 packets of Cisco SD-WAN vEdge Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the improper enforcement of the implicit deny all at the end of a configured ACL. An attacker could exploit this vulnerability by attempting to send unauthorized traffic to an interface on an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: Cisco IOS XE Software on Cisco Catalyst 9500X and 9600X Series Switches Virtual Interface Access Control List Bypass Vulnerability2025-09-24 16:00:00.0
A vulnerability in the access control list (ACL) programming of Cisco IOS XE Software for Cisco Catalyst 9500X and 9600X Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL on an affected device. This vulnerability is due to the flooding of traffic from an unlearned MAC address on a switch virtual interface (SVI) that has an egress ACL applied. An attacker could exploit this vulnerability by causing the VLAN to flush its MAC address table. This condition can also occur if the MAC address table is full. A successful exploit could allow the attacker to bypass an egress ACL on an affected device. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20316Cisco Wireless Access Point Software Device Analytics Action Frame Injection Vulnerability2025-09-24 16:00:00.0
A vulnerability in the Device Analytics action frame processing of Cisco Wireless Access Point (AP) Software could allow an unauthenticated, adjacent attacker to inject wireless 802.11 action frames with arbitrary information. This vulnerability is due to insufficient verification checks of incoming 802.11 action frames. An attacker could exploit this vulnerability by sending 802.11 Device Analytics action frames with arbitrary parameters. A successful exploit could allow the attacker to inject Device Analytics action frames with arbitrary information, which could modify the Device Analytics data of valid wireless clients that are connected to the same wireless controller. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco IOS XE SD-WAN Software Packet Filtering Bypass Vulnerability2025-09-22 14:12:28.0
A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 traffic filters. This vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by sending a crafted packet to the affected device. A successful exploit could allow the attacker to bypass the Layer 3 and Layer 4 traffic filters and inject a crafted packet into the network. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the May 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: May 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20221Cisco IOS XR Software Management Interface ACL Bypass Vulnerability2025-09-10 16:00:00.0
A vulnerability in the management interface access control list (ACL) processing feature in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass configured ACLs for the SSH, NetConf, and gRPC features. This vulnerability exists because management interface ACLs have not been supported on Cisco IOS XR Software Packet I/O infrastructure platforms for Linux-handled features such as SSH, NetConf, or gRPC. An attacker could exploit this vulnerability by attempting to send traffic to an affected device. A successful exploit could allow the attacker to bypass an ingress ACL that is applied on the management interface of the affected device. For more information about this vulnerability, see the Details section of this advisory. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication. <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20159Cisco IOS XR Software Image Verification Bypass Vulnerability2025-09-10 16:00:00.0
A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device. This vulnerability is due to incomplete validation of files during the installation of an .iso file. An attacker could exploit this vulnerability by modifying contents of the .iso image and then installing and activating it on the device. A successful exploit could allow the attacker to load an unsigned file as part of the image activation process. Note: Because exploitation of this vulnerability could result in the attacker bypassing Cisco image verification, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication. <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20248Cisco IOS XR ARP Broadcast Storm Denial of Service Vulnerability2025-09-10 16:00:00.0
A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a broadcast storm, leading to a denial of service (DoS) condition on an affected device. This vulnerability is due to how Cisco IOS XR Software processes a high, sustained rate of ARP traffic hitting the management interface. Under certain conditions, an attacker could exploit this vulnerability by sending an excessive amount of traffic to the management interface of an affected device, overwhelming its ARP processing capabilities. A successful exploit could result in degraded device performance, loss of management connectivity, and complete unresponsiveness of the system, leading to a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the September 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication. <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20340Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 2100 Series IPv6 over IPsec Denial of Service Vulnerability2025-09-09 21:22:34.0
A vulnerability in the RADIUS proxy feature for the IPsec VPN feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of IPv6 packets. An attacker could exploit this vulnerability by sending IPv6 packets over an IPsec VPN connection to an affected device. A successful exploit could allow the attacker to trigger a reload of the device, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the August 2025 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20222Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability2025-09-03 16:00:00.0
A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) Software and Cisco Unified CM Session Management Edition (SME) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the affected user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Webex Meetings Cross-Site Scripting Vulnerability2025-09-03 16:00:00.0
A vulnerability in the user profile component of Cisco Webex Meetings could have allowed an authenticated, remote attacker with low privileges to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. Cisco has addressed this vulnerability in the Cisco Webex Meetings service, and no customer action is needed. This vulnerability existed because of insufficient validation of user-supplied input to the user profile component of Cisco Webex Meetings. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could have allowed the attacker to conduct an XSS attack against the targeted user. As mentioned, Cisco has addressed this vulnerability in the Cisco Webex Meetings service, and no customer action is necessary to update on-premises software or devices. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Webex Meetings URL Redirection Vulnerability2025-09-03 16:00:00.0
A vulnerability in Cisco Webex Meetings could have allowed an unauthenticated, remote attacker to redirect a targeted Webex Meetings user to an untrusted website. Cisco has addressed this vulnerability in the Cisco Webex Meetings service, and no customer action is needed. This vulnerability existed because of insufficient validation of URLs that were included in a meeting-join URL. Prior to this vulnerability being addressed, an attacker could have exploited this vulnerability by including a URL to a website of their choosing in a specific value of a Cisco Webex Meetings join URL. A successful exploit could have allowed the attacker to redirect a targeted user to a website that was controlled by the attacker, possibly making the user more likely to believe the website was trusted by Webex and perform additional actions as part of phishing attacks. As mentioned, Cisco has addressed this vulnerability in the Cisco Webex Meetings service, and no customer action is necessary to update on-premises software or devices. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Software Vulnerabilities2025-09-03 16:00:00.0
Multiple vulnerabilities in the directory permissions of Cisco Desk Phone 9800 Series, Cisco IP Phone 7800 and 8800 Series, and Cisco Video Phone 8875 with Cisco Session Initiation Protocol (SIP) Software could allow an unauthenticated, remote attacker to conduct arbitrary file write and information disclosure attacks on an affected device. Note: To exploit these vulnerabilities, Web Access must be enabled on the phone. Web Access is disabled by default. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link: Cisco Unified Communications Manager IM & Presence Service Cross-Site Scripting Vulnerability2025-09-03 16:00:00.0
A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability2025-09-03 16:00:00.0
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against users of the interface of an affected system. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious code into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit this vulnerability, an attacker must have valid administrative credentials. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Information Disclosure Vulnerability2025-09-03 16:00:00.0
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an authenticated, remote attacker to obtain sensitive information from an affected system. This vulnerability is due to improper validation of requests to API endpoints. An attacker could exploit this vulnerability by sending a valid request to a specific API endpoint within the affected system. A successful exploit could allow a low-privileged user to view sensitive configuration information on the affected system that should be restricted. To exploit this vulnerability, an attacker must have access as a low-privileged user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Evolved Programmable Network Manager Arbitrary File Upload Vulnerability2025-09-03 16:00:00.0
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted file upload request to a specific API endpoint. A successful exploit could allow the attacker to upload arbitrary files to an affected system. To exploit this vulnerability, an attacker must have at least valid Config Managers credentials on the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software for Firepower 3100 and 4200 Series TLS 1.3 Cipher Denial of Service Vulnerability2025-09-03 13:37:50.0
A vulnerability in the TLS 1.3 implementation for a specific cipher for Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software for Cisco Firepower 3100 and 4200 Series devices could allow an authenticated, remote attacker to consume resources that are associated with incoming TLS 1.3 connections, which eventually could cause the device to stop accepting any new SSL/TLS or VPN requests. This vulnerability is due to the implementation of the TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. An attacker could exploit this vulnerability by sending a large number of TLS 1.3 connections with the specific TLS 1.3 Cipher TLS_CHACHA20_POLY1305_SHA256. A successful exploit could allow the attacker to cause a denial of service (DoS) condition where no new incoming encrypted connections are accepted. The device must be reloaded to clear this condition. Note: These incoming TLS 1.3 connections include both data traffic and user-management traffic. After the device is in the vulnerable state, no new encrypted connections can be accepted. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the August 2025 release of the Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco Secure Firewall ASA, Secure FMC, and Secure FTD Software Security Advisory Bundled Publication. <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20127Cisco Nexus 3000 and 9000 Series Switches Intermediate System-to-Intermediate System Denial of Service Vulnerability2025-08-27 16:00:00.0
A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: This advisory is part of the August 2025 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: August 2025 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20241 |