Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-20209 |
Description:
A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets.
This vulnerability is due to improper handling of malformed IKEv2 packets. An attacker could exploit this vulnerability by sending malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to prevent the affected device from processing any control plane UDP packets, resulting in a denial of service (DoS) condition.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrike-9wYGpRGq
This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication.
Security Impact Rating: High
CVE: CVE-2025-20209
EPSS Score: 0.09%
March 12th, 2025 (3 months ago)
|
|
CVE-2025-20177 |
Description:
A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device.
This vulnerability is due to incomplete validation of files in the boot verification process. An attacker could exploit this vulnerability by manipulating the system configuration options to bypass some of the integrity checks that are performed during the boot process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass the requirement to run Cisco-signed images or alter the security properties of the running system.
Note: Because exploitation of this vulnerability could result in the attacker bypassing Cisco image verification, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xr-verii-bypass-HhPwQRvx
This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: M...
EPSS Score: 0.02%
March 12th, 2025 (3 months ago)
|
|
CVE-2025-20208 |
Description:
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tms-xss-vuln-WbTcYwxG
Security Impact Rating: Medium
CVE: CVE-2025-20208
EPSS Score: 0.04%
March 5th, 2025 (3 months ago)
|
|
CVE-2024-20427 |
Description:
A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.
This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tms-xss-vuln-WbTcYwxG
Security Impact Rating: Medium
CVE: CVE-2024-20427
March 5th, 2025 (3 months ago)
|
|
CVE-2025-20206 |
Description:
A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client.
This vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to a specific Cisco Secure Client process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid user credentials on the Windows system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-dll-injection-AOyzEqSg
Security Impact Rating: High
CVE: CVE-2025-20206
EPSS Score: 0.01%
March 5th, 2025 (3 months ago)
|
|
Description:
A low-severity vulnerability in Cisco Webex for BroadWorks Release 45.2 could allow an unauthenticated, remote attacker to access data and credentials if unsecure transport is configured for the SIP communication.
This vulnerability is due to the exposure of sensitive information in the SIP headers.
A related issue could allow an authenticated user to access credentials in plain text in the client and server logs.
A malicious actor could exploit this vulnerability and the related issue to access data and credentials and impersonate the user.
A configuration change to fix this vulnerability and the related issue has been pushed to Cisco Webex for BroadWorks. Cisco recommends that customers restart their Cisco Webex application to apply the configuration changes.
There is a workaround that addresses this vulnerability and the related issue.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-credexp-xMN85y6
Security Impact Rating: Informational
March 4th, 2025 (3 months ago)
|
|
|
🚨 Marked as known exploited on April 10th, 2025 (about 2 months ago).
Description: CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems. [...]
March 3rd, 2025 (3 months ago)
|
|
|
Description: The addition of SnapAttack, a startup incubated by Booz Allen Hamilton’s Darklabs, will enhance Splunk with accelerated SIEM migration and proactive threat hunting.
March 3rd, 2025 (3 months ago)
|
|
CVE-2025-1868 |
Description: Information display on multiple products from Famatech Corp
Mon, 03/03/2025 - 11:08
Aviso
Affected Resources
Advanced IP Scanner: versions 2.5.4594.1 and earlier.Advanced Port Scanner: versions 2.5.3869 and earlier.
Description
INCIBE has coordinated the publication of a medium severity vulnerability affecting Advanced IP Scanner and Advanced Port Scanner, a free network scanner, which has been discovered by Francisco Javier Medina Munuera, Pedro Gabaldón Juliá, Alejandro Baño Andrés and Antonio José Gálvez Sánchez.This vulnerability has been assigned the following code, CVSS v3.1 base score, CVSS vector and vulnerability type CWE:CVE-2025-1868: CVSS v4.0: 6.9 | CVSS AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N | CWE-200
Identificador
INCIBE-2025-112
3 - Medium
Solution
The vulnerability has not yet been fixed, but the Famatech Corp team is working on it.
Detail
CVE-2025-1868: vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by intercepting network traffic to a legitimate server or by setting up a fake server, in both local and remote scen...
EPSS Score: 0.02%
March 3rd, 2025 (3 months ago)
|
|
CVE-2025-20111 |
Description:
A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This vulnerability is due to the incorrect handling of specific Ethernet frames. An attacker could exploit this vulnerability by sending a sustained rate of crafted Ethernet frames to an affected device. A successful exploit could allow the attacker to cause the device to reload.
Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k-healthdos-eOqSWK4g
This advisory is part of the February 2025 Cisco FXOS and NX-OS Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: February 2025 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication.
Security Impact Rating: High
CVE: CVE-2025-20111
EPSS Score: 0.04%
February 26th, 2025 (3 months ago)
|