Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2018-0171 |
Description: In addition to using CVE-2018-0171 and other Cisco bugs to break into telecom networks, the China-sponsored APT is also using using stolen login credentials for initial access.
CVSS: CRITICAL (9.8)
February 21st, 2025 (about 2 months ago)
|
|
CVE-2018-0171 |
Description: Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies.
"The threat actor then demonstrated their ability to persist in target environments across equipment from multiple
February 21st, 2025 (about 2 months ago)
|
|
CVE-2025-27091 |
Description: OpenH264 is a free license codec library which supports H.264 encoding and decoding. A vulnerability in the decoding functions of OpenH264 codec library could allow a remote, unauthenticated attacker to trigger a heap overflow. This vulnerability is due to a race condition between a Sequence Parameter Set (SPS) memory allocation and a subsequent non Instantaneous Decoder Refresh (non-IDR) Network Abstraction Layer (NAL) unit memory usage. An attacker could exploit this vulnerability by crafting a malicious bitstream and tricking a victim user into processing an arbitrary video containing the malicious bistream. An exploit could allow the attacker to cause an unexpected crash in the victim's user decoding client and, possibly, perform arbitrary commands on the victim's host by abusing the heap overflow. This vulnerability affects OpenH264 2.5.0 and earlier releases. Both Scalable Video Coding (SVC) mode and Advanced Video Coding (AVC) mode are affected by this vulnerability. OpenH264 software releases 2.6.0 and later contained the fix for this vulnerability. Users are advised to upgrade. There are no known workarounds for this vulnerability.
### For more information
If you have any questions or comments about this advisory:
* [Open an issue in cisco/openh264](https://github.com/cisco/openh264/issues)
* Email Cisco Open Source Security ([[email protected]](mailto:[email protected])) and Cisco PSIRT ([[email protected]](mailto:[email protected]))
### Credits:
* **Re...
CVSS: HIGH (8.6) EPSS Score: 0.13%
February 21st, 2025 (about 2 months ago)
|
|
Description: Cisco Talos has been closely monitoring reports of widespread intrusion activity against several major U.S. telecommunications companies, by a threat actor dubbed Salt Typhoon. This blog highlights our observations on this campaign and identifies recommendations for detection and prevention.
February 20th, 2025 (about 2 months ago)
|
|
CVE-2025-20211 |
Description: A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
CVSS: MEDIUM (6.1) EPSS Score: 0.05%
February 20th, 2025 (about 2 months ago)
|
|
CVE-2025-20158 |
Description: A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access on the affected device. SSH access is disabled by default.
This vulnerability is due to insufficient validation of user-supplied input by the debug shell of an affected device. An attacker could exploit this vulnerability by sending a crafted SSH client command to the CLI. A successful exploit could allow the attacker to access sensitive information on the underlying operating system.
CVSS: MEDIUM (4.4) EPSS Score: 0.02%
February 20th, 2025 (about 2 months ago)
|
|
CVE-2025-20153 |
Description: A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device.
This vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypass email filters on the affected device.
CVSS: MEDIUM (5.8) EPSS Score: 0.03%
February 20th, 2025 (about 2 months ago)
|
|
CVE-2025-20153 |
Description:
A vulnerability in the email filtering mechanism of Cisco Secure Email Gateway could allow an unauthenticated, remote attacker to bypass the configured rules and allow emails that should have been denied to flow through an affected device.
This vulnerability is due to improper handling of email that passes through an affected device. An attacker could exploit this vulnerability by sending a crafted email through the affected device. A successful exploit could allow the attacker to bypass email filters on the affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-esa-mailpol-bypass-5nVcJZMw
Security Impact Rating: Medium
CVE: CVE-2025-20153
EPSS Score: 0.03%
February 19th, 2025 (about 2 months ago)
|
|
CVE-2025-20211 |
Description:
A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform could allow an unauthenticated, remote attacker to conduct a cross-site scripting attack against a user of the interface.
This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-broadworks-xss-GDPgJ58P
Security Impact Rating: Medium
CVE: CVE-2025-20211
CVSS: MEDIUM (6.1) EPSS Score: 0.05%
February 19th, 2025 (about 2 months ago)
|
|
CVE-2025-20158 |
Description:
A vulnerability in the debug shell of Cisco Video Phone 8875 and Cisco Desk Phone 9800 Series could allow an authenticated, local attacker to access sensitive information on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials with SSH access on the affected device. SSH access is disabled by default.
This vulnerability is due to insufficient validation of user-supplied input by the debug shell of an affected device. An attacker could exploit this vulnerability by sending a crafted SSH client command to the CLI. A successful exploit could allow the attacker to access sensitive information on the underlying operating system.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-phone-info-disc-YyxsWStK
Security Impact Rating: Medium
CVE: CVE-2025-20158
CVSS: MEDIUM (4.4) EPSS Score: 0.02%
February 19th, 2025 (about 2 months ago)
|