Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2003-1109
Cisco IP Phones Denial of Service (CVE-2003-1109)
Description: Tenable OT Security Plugin ID 503155 with High Severity Synopsis The remote OT asset is affected by a vulnerability. Description The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.This plugin only works with Tenable.ot.Please visit https://www.tenable.com/products/tenable-ot for more information. Solution Refer to the vendor advisory. Read more at https://www.tenable.com/plugins/ot/503155
Source: Tenable Plugins
April 11th, 2025 (8 days ago)

CVE-2008-4444
Cisco IP Phones Improper Input Validation (CVE-2008-4444)
Description: Tenable OT Security Plugin ID 503156 with High Severity Synopsis The remote OT asset is affected by a vulnerability. Description Cisco Unified IP Phone (aka SIP phone) 7960G and 7940G with firmware P0S3-08-9-00 and possibly other versions before 8.10 allows remote attackers to cause a denial of service (device reboot) or possibly execute arbitrary code via a Realtime Transport Protocol (RTP) packet with malformed headers.This plugin only works with Tenable.ot.Please visit https://www.tenable.com/products/tenable-ot for more information. Solution Refer to the vendor advisory. Read more at https://www.tenable.com/plugins/ot/503156
Source: Tenable Plugins
April 11th, 2025 (8 days ago)

CVE-2011-2545
Cisco IP Phones Improper Neutralization of Input During Web Page Generation (CVE-2011-2545)
Description: Tenable OT Security Plugin ID 503157 with Medium Severity Synopsis The remote OT asset is affected by a vulnerability. Description Cross-site scripting (XSS) vulnerability in the SIP implementation on the Cisco SPA8000 and SPA8800 before 6.1.11, SPA2102 and SPA3102 before 5.2.13, and SPA 500 series IP phones before 7.4.9 allows remote attackers to inject arbitrary web script or HTML via the FROM field of an INVITE message, aka Bug IDs CSCtr27277, CSCtr27256, CSCtr27274, and CSCtr14715.This plugin only works with Tenable.ot.Please visit https://www.tenable.com/products/tenable-ot for more information. Solution Refer to the vendor advisory. Read more at https://www.tenable.com/plugins/ot/503157
Source: Tenable Plugins
April 11th, 2025 (8 days ago)
Unraveling the U.S. toll road smishing scams
Description: Cisco Talos has observed a widespread and ongoing financial theft SMS phishing (smishing) campaign since October 2024 that targets toll road users in the United States of America.  
Source: Cisco Talos Blog
April 10th, 2025 (9 days ago)

CVE-2009-0627
Cisco (CVE-2009-0627)
Description: Tenable OT Security Plugin ID 503153 with High Severity Synopsis The remote OT asset is affected by a vulnerability. Description Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified sequence of TCP packets related to TCP State manipulation, possibly related to separate attacks against CVE-2008-4609.This plugin only works with Tenable.ot.Please visit https://www.tenable.com/products/tenable-ot for more information. Solution Refer to the vendor advisory. Read more at https://www.tenable.com/plugins/ot/503153
Source: Tenable Plugins
April 9th, 2025 (10 days ago)
One mighty fine-looking report
Description: Hazel highlights the key findings within Cisco Talos’ 2024 Year in Review (now available for download) and details our active tracking of an ongoing campaign targeting users in Ukraine with malicious LNK files.
Source: Cisco Talos Blog
April 3rd, 2025 (16 days ago)

CVE-2025-20120
Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerabilities
Description: Multiple vulnerabilities in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow a remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected system. For more information about these vulnerabilities, see the Details section of this advisory. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4 Security Impact Rating: Medium CVE: CVE-2025-20120,CVE-2025-20203

EPSS Score: 0.02%

Source: Cisco Security Advisory
April 2nd, 2025 (17 days ago)

CVE-2025-20212
Cisco Meraki MX and Z Series AnyConnect VPN Denial of Service Vulnerability
Description: A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series devices could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the Cisco AnyConnect service on an affected device. To exploit this vulnerability, the attacker must have valid VPN user credentials on the affected device. This vulnerability exists because a variable is not initialized when an SSL VPN session is established. An attacker could exploit this vulnerability by supplying crafted attributes while establishing an SSL VPN session with an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN sessions and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers without manual intervention. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vNRpDvfb Security Impact Rating: High CVE: CVE-2025-20212

EPSS Score: 0.12%

Source: Cisco Security Advisory
April 2nd, 2025 (17 days ago)

CVE-2025-20139
Cisco Enterprise Chat and Email Denial of Service Vulnerability
Description: A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input to chat entry points. An attacker could exploit this vulnerability by sending malicious requests to a messaging chat entry point in the affected application. A successful exploit could allow the attacker to cause the application to stop responding, resulting in a DoS condition. The application may not recover on its own and may need an administrator to manually restart services to recover. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-dos-tC6m9GZ8 Security Impact Rating: High CVE: CVE-2025-20139

EPSS Score: 0.1%

Source: Cisco Security Advisory
April 2nd, 2025 (17 days ago)
Cisco warns of CSLU backdoor admin account used in attacks
Description: Cisco warns admins to patch a critical Cisco Smart Licensing Utility (CSLU) vulnerability, which exposes a built-in backdoor admin account now used in attacks. [...]
Source: BleepingComputer
April 2nd, 2025 (17 days ago)