Threat and Vulnerability Intelligence Database

Description: Threat actors are teaming up, splitting attacks into stages and making defense harder than ever. In Part 1, Cisco Talos examines their tactics and defines their motivations.
Source: Cisco Talos Blog
May 13th, 2025 (25 days ago)
Description: How do you profile actors and defend your systems when multiple threat actors are working together? In Part 2, Cisco Talos proposes an extended Diamond Model to analyze complex relationships between attackers.
Source: Cisco Talos Blog
May 13th, 2025 (25 days ago)
Description: Cybersecurity researchers are warning of a new campaign that's targeting Portuguese-speaking users in Brazil with trial versions of commercial remote monitoring and management (RMM) software since January 2025. "The spam message uses the Brazilian electronic invoice system, NF-e, as a lure to entice users into clicking hyperlinks and accessing malicious content hosted in Dropbox," Cisco Talos
Source: TheHackerNews
May 9th, 2025 (29 days ago)
Description: Cisco has fixed a maximum severity flaw in IOS XE Software for Wireless LAN Controllers caused by a hard-coded JSON Web Token (JWT) that allows an unauthenticated remote attacker to take over devices. [...]
Source: BleepingComputer
May 8th, 2025 (30 days ago)
Description: Cisco IOS XE Wireless Controllers Vulnerable to Unauthenticated Root Exploits via JWT (CVE-2025-20188)

CVSS: CRITICAL (10.0)

EPSS Score: 3.8%

Source: DarkWebInformer
May 8th, 2025 (30 days ago)

CVE-2024-20255

Description: A vulnerability in the SOAP API of Cisco Expressway Series and Cisco TelePresence Video Communication Server could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected system. An attacker could exploit this vulnerability by persuading a user of the REST API to follow a crafted link. A successful exploit could allow the attacker to cause the affected system to reload.

CVSS: HIGH (8.2)

EPSS Score: 0.74%

SSVC Exploitation: none

Source: CVE
May 8th, 2025 (30 days ago)
Description: Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system. The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system. "This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an

CVSS: CRITICAL (10.0)

EPSS Score: 3.8%

Source: TheHackerNews
May 8th, 2025 (about 1 month ago)

CVE-2025-20223

Description: A vulnerability in Cisco Catalyst Center, formerly Cisco DNA Center, could allow an authenticated, remote attacker to read and modify data in a repository that belongs to an internal service of an affected device. This vulnerability is due to insufficient enforcement of access control on HTTP requests. An attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read and modify data that is handled by an internal service on the affected device.

CVSS: MEDIUM (4.7)

EPSS Score: 0.08%

Source: CVE
May 7th, 2025 (about 1 month ago)

CVE-2025-20221

Description: A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 traffic filters. This vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by sending a crafted packet to the affected device. A successful exploit could allow the attacker to bypass the Layer 3 and Layer 4 traffic filters and inject a crafted packet into the network.

CVSS: MEDIUM (5.3)

EPSS Score: 0.02%

Source: CVE
May 7th, 2025 (about 1 month ago)

CVE-2025-20216

Description: A vulnerability in the web interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an unauthenticated, remote attacker to inject HTML into the browser of an authenticated user. This vulnerability is due to improper sanitization of input to the web interface. An attacker could exploit this vulnerability by convincing an authenticated user to click a malicious link. A successful exploit could allow the attacker to inject HTML into the browser of an authenticated Cisco Catalyst SD-WAN Manager user.

CVSS: MEDIUM (4.7)

EPSS Score: 0.05%

SSVC Exploitation: none

Source: CVE
May 7th, 2025 (about 1 month ago)