Threat and Vulnerability Intelligence Database

RSS Feed

Example Searches:

CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited

CVE-2025-20208
Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability
Description: A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.   This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tms-xss-vuln-WbTcYwxG Security Impact Rating: Medium CVE: CVE-2025-20208

EPSS Score: 0.04%

Source: Cisco Security Advisory
March 5th, 2025 (about 1 month ago)

CVE-2024-20427
Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability
Description: A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.   This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tms-xss-vuln-WbTcYwxG Security Impact Rating: Medium CVE: CVE-2024-20427
Source: Cisco Security Advisory
March 5th, 2025 (about 1 month ago)

CVE-2025-20206
Cisco Secure Client for Windows with Secure Firewall Posture Engine DLL Hijacking Vulnerability
Description: A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client. This vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to a specific Cisco Secure Client process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with SYSTEM privileges. To exploit this vulnerability, the attacker must have valid user credentials on the Windows system. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-dll-injection-AOyzEqSg Security Impact Rating: High CVE: CVE-2025-20206

EPSS Score: 0.01%

Source: Cisco Security Advisory
March 5th, 2025 (about 1 month ago)
Cisco Webex for BroadWorks Credential Exposure Vulnerability
Description: A low-severity vulnerability in Cisco Webex for BroadWorks Release 45.2 could allow an unauthenticated, remote attacker to access data and credentials if unsecure transport is configured for the SIP communication. This vulnerability is due to the exposure of sensitive information in the SIP headers. A related issue could allow an authenticated user to access credentials in plain text in the client and server logs.  A malicious actor could exploit this vulnerability and the related issue to access data and credentials and impersonate the user. A configuration change to fix this vulnerability and the related issue has been pushed to Cisco Webex for BroadWorks. Cisco recommends that customers restart their Cisco Webex application to apply the configuration changes. There is a workaround that addresses this vulnerability and the related issue. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-credexp-xMN85y6 Security Impact Rating: Informational
Source: Cisco Security Advisory
March 4th, 2025 (about 2 months ago)
CISA tags Windows, Cisco vulnerabilities as actively exploited
🚨 Marked as known exploited on April 10th, 2025 (9 days ago).
Description: CISA has warned US federal agencies to secure their systems against attacks exploiting vulnerabilities in Cisco and Windows systems. [...]
Source: BleepingComputer
March 3rd, 2025 (about 2 months ago)

CVE-2023-20118
CISA Adds Five Known Exploited Vulnerabilities to Catalog
Description: CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-20118 Cisco Small Business RV Series Routers Command Injection Vulnerability CVE-2022-43939 Hitachi Vantara Pentaho BA Server Authorization Bypass Vulnerability CVE-2022-43769 Hitachi Vantara Pentaho BA Server Special Element Injection Vulnerability CVE-2018-8639 Microsoft Windows Win32k Improper Resource Shutdown or Release Vulnerability CVE-2024-4885 Progress WhatsUp Gold Path Traversal Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information. Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the cata...

CVSS: MEDIUM (6.5)

Source: All CISA Advisories
March 3rd, 2025 (about 2 months ago)

CVE-2023-20118
Cisco Small Business RV Series Routers Command Injection Vulnerability
Description: Multiple Cisco Small Business RV Series Routers contains a command injection vulnerability in the web-based management interface. Successful exploitation could allow an authenticated, remote attacker to gain root-level privileges and access unauthorized data.

CVSS: MEDIUM (6.5)

Source: CISA KEV
March 3rd, 2025 (about 2 months ago)
Cisco's SnapAttack Deal Expands Splunk's Capabilities
Description: The addition of SnapAttack, a startup incubated by Booz Allen Hamilton’s Darklabs, will enhance Splunk with accelerated SIEM migration and proactive threat hunting.
Source: Dark Reading
March 3rd, 2025 (about 2 months ago)

CVE-2025-1868
Exposición de información en múltiples productos de Famatech Corp
Description: Information display on multiple products from Famatech Corp Mon, 03/03/2025 - 11:08 Aviso Affected Resources Advanced IP Scanner: versions 2.5.4594.1 and earlier.Advanced Port Scanner: versions 2.5.3869 and earlier. Description INCIBE has coordinated the publication of a medium severity vulnerability affecting Advanced IP Scanner and Advanced Port Scanner, a free network scanner, which has been discovered by Francisco Javier Medina Munuera, Pedro Gabaldón Juliá, Alejandro Baño Andrés and Antonio José Gálvez Sánchez.This vulnerability has been assigned the following code, CVSS v3.1 base score, CVSS vector and vulnerability type CWE:CVE-2025-1868: CVSS v4.0: 6.9 | CVSS AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N | CWE-200 Identificador INCIBE-2025-112 3 - Medium Solution The vulnerability has not yet been fixed, but the Famatech Corp team is working on it. Detail CVE-2025-1868: vulnerability of unauthorized exposure of confidential information affecting Advanced IP Scanner and Advanced Port Scanner. It occurs when these applications initiate a network scan, inadvertently sending the NTLM hash of the user performing the scan. This vulnerability can be exploited by intercepting network traffic to a legitimate server or by setting up a fake server, in both local and remote scen...

EPSS Score: 0.02%

Source: Incibe CERT
March 3rd, 2025 (about 2 months ago)

CVE-2023-20118
PolarEdge Botnet Exploits Cisco and Other Flaws to Hijack ASUS, QNAP, and Synology Devices
Description: A new malware campaign has been observed targeting edge devices from Cisco, ASUS, QNAP, and Synology to rope them into a botnet named PolarEdge since at least the end of 2023. French cybersecurity company Sekoia said it observed the unknown threat actors leveraging CVE-2023-20118 (CVSS score: 6.5), a critical security flaw impacting Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and

CVSS: MEDIUM (6.5)

Source: TheHackerNews
February 27th, 2025 (about 2 months ago)