Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-20202
Cisco IOS XE Wireless Controller Software Cisco Discovery Protocol Denial of Service Vulnerability
Description: A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of access point (AP) Cisco Discovery Protocol (CDP) neighbor reports when they are processed by the wireless controller. An attacker could exploit this vulnerability by sending a crafted CDP packet to an AP. A successful exploit could allow the attacker to cause an unexpected reload of the wireless controller that is managing the AP, resulting in a DoS condition that affects the wireless network. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-cdp-dos-fpeks9K This advisory is part of the May 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: May 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Security Impact Rating: High CVE: CVE-2025-20202

EPSS Score: 0.02%

Source: Cisco Security Advisory
May 7th, 2025 (28 days ago)

CVE-2025-20190
Cisco IOS XE Wireless Controller Software Unauthorized User Deletion Vulnerability
Description: A vulnerability in the lobby ambassador web interface of Cisco IOS XE Wireless Controller Software could allow an authenticated, remote attacker to remove arbitrary users that are defined on an affected device. This vulnerability is due to insufficient access control of actions executed by lobby ambassador users. An attacker could exploit this vulnerability by logging in to an affected device with a lobby ambassador user account and sending crafted HTTP requests to the API. A successful exploit could allow the attacker to delete arbitrary user accounts on the device, including users with administrative privileges. Note: This vulnerability is exploitable only if the attacker obtains the credentials for a lobby ambassador account. This account is not configured by default. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-user-del-hQxMpUDj This advisory is part of the May 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: May 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Security Impact Rating: Medium CVE: CVE-2025-20190

EPSS Score: 0.03%

Source: Cisco Security Advisory
May 7th, 2025 (28 days ago)

CVE-2025-20192
Cisco IOS XE Software Internet Key Exchange Version 1 Denial of Service Vulnerability
Description: A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The attacker must have valid IKEv1 VPN credentials to exploit this vulnerability. This vulnerability is due to improper validation of IKEv1 phase 2 parameters before the IPsec security association creation request is handed off to the hardware cryptographic accelerator of an affected device. An attacker could exploit this vulnerability by sending crafted IKEv1 messages to the affected device. A successful exploit could allow the attacker to cause the device to reload. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ikev1-dos-XHk3HzFC This advisory is part of the May 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: May 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Security Impact Rating: High CVE: CVE-2025-20192

EPSS Score: 0.17%

Source: Cisco Security Advisory
May 7th, 2025 (28 days ago)

CVE-2025-20197
Cisco IOS XE Software Privilege Escalation Vulnerabilities
Description: Multiple vulnerabilities in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. These vulnerabilities are due to insufficient input validation when processing specific configuration commands. An attacker could exploit these vulnerabilities by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The Security Impact Rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions. Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp This advisory is part of the May 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: May 2025 Semiannual Cisco IOS and IOS XE Software Security Advi...

EPSS Score: 0.01%

Source: Cisco Security Advisory
May 7th, 2025 (28 days ago)

CVE-2025-20137
Cisco IOS Software on Cisco Catalyst 1000 and 2960L Switches Access Control List Bypass Vulnerability
Description: A vulnerability in the access control list (ACL) programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the use of both an IPv4 ACL and a dynamic ACL of IP Source Guard on the same interface, which is an unsupported configuration. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device. Note: Cisco documentation has been updated to reflect that this is an unsupported configuration. However, Cisco is publishing this advisory because the device will not prevent an administrator from configuring both features on the same interface. There are no plans to implement the ability to configure both features on the same interface on Cisco Catalyst 1000 or Catalyst 2960L Switches. Cisco has not released software updates that address this vulnerability. There are workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsgacl-pg6qfZk Security Impact Rating: Medium CVE: CVE-2025-20137

EPSS Score: 0.03%

Source: Cisco Security Advisory
May 7th, 2025 (28 days ago)

CVE-2025-20214
Cisco IOS XE Software Model-Driven Programmability Authorization Bypass Vulnerability
Description: A vulnerability in the Network Configuration Access Control Module (NACM) of Cisco IOS XE Software could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or operational data. This vulnerability exists because a subtle change in inner API call behavior causes results to be filtered incorrectly. An attacker could exploit this vulnerability by using either NETCONF, RESTCONF, or gRPC Network Management Interface (gNMI) protocols and query data on paths that may have been denied by the NACM configuration. A successful exploit could allow the attacker to access data that should have been restricted according to the NACM configuration. Note: This vulnerability requires that the attacker obtain the credentials from a valid user with privileges lower than 15, and that NACM was configured to provide restricted read access for that user. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-netconf-nacm-bypass-TGZV9pmQ This advisory is part of the May 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: May 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Security Impact Rating: Medium CVE: CVE-2025-20214

EPSS Score: 0.04%

Source: Cisco Security Advisory
May 7th, 2025 (28 days ago)

CVE-2025-20213
Cisco Catalyst SD-WAN Manager Arbitrary File Overwrite Vulnerability
Description: A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to overwrite arbitrary files on the local file system of an affected device. To exploit this vulnerability, the attacker must have valid read-only credentials with CLI access on the affected system. This vulnerability is due to improper access controls on files that are on the local file system. An attacker could exploit this vulnerability by running a series of crafted commands on the local file system of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the affected device and gain privileges of the root user. To exploit this vulnerability, an attacker would need to have CLI access as a low-privilege user. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-fileoverwrite-Uc9tXWH Security Impact Rating: Medium CVE: CVE-2025-20213

EPSS Score: 0.03%

Source: Cisco Security Advisory
May 7th, 2025 (28 days ago)

CVE-2025-20122
Cisco Catalyst SD-WAN Manager Privilege Escalation Vulnerability
Description: A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying operating system. This vulnerability is due to insufficient input validation. An authenticated attacker with read-only privileges on the SD-WAN Manager system could exploit this vulnerability by sending a crafted request to the CLI of the SD-WAN Manager. A successful exploit could allow the attacker to gain root privileges on the underlying operating system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-priviesc-WCk7bmmt Security Impact Rating: High CVE: CVE-2025-20122

EPSS Score: 0.02%

Source: Cisco Security Advisory
May 7th, 2025 (28 days ago)

CVE-2025-20187
Cisco Catalyst SD-WAN Manager Arbitrary File Creation Vulnerability
Description: A vulnerability in the application data endpoints of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to write arbitrary files to an affected system. This vulnerability is due to improper validation of requests to APIs. An attacker could exploit this vulnerability by sending malicious requests to an API within the affected system. A successful exploit could allow the attacker to conduct directory traversal attacks and write files to an arbitrary location on the affected system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanarbfile-2zKhKZwJ Security Impact Rating: Medium CVE: CVE-2025-20187

EPSS Score: 0.21%

Source: Cisco Security Advisory
May 7th, 2025 (28 days ago)

CVE-2025-20191
Multiple Cisco Products Switch Integrated Security Features DHCPv6 Denial of Service Vulnerability
Description: A vulnerability in the Switch Integrated Security Features (SISF) of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the incorrect handling of DHCPv6 packets. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sisf-dos-ZGwt4DdY This advisory is part of the May 2025 release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: May 2025 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Security Impact Rating: High CVE: CVE-2025-20191

EPSS Score: 0.01%

Source: Cisco Security Advisory
May 7th, 2025 (28 days ago)