Cisco

Multiple Cisco Products Unauthenticated Remote Code Execution in Erlang/OTP SSH Server

Cisco Security Advisories - 17 hours 5 min ago
On April 16, 2025, a critical vulnerability in the Erlang/OTP SSH server was disclosed. This vulnerability could allow an unauthenticated, remote attacker to perform remote code execution (RCE) on an affected device.<br><br> The vulnerability is due to a flaw in the handling of SSH messages during the authentication phase.<br><br> For a description of this vulnerability, see the <a href="https://github.com/erlang/otp/security/advisories/GHSA-37cp-fgq5-7wc2" target="_blank" rel="noopener">Erlang announcement</a>.<br><br> This advisory will be updated as additional information becomes available.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZy">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-erlang-otp-ssh-xyZZy</a><br><br> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2025-32433
Categories: Cisco

Cisco Nexus Dashboard LDAP Username Enumeration Vulnerability

Cisco Security Advisories - Wed, 04/16/2025 - 7:00pm
A vulnerability in Cisco Nexus Dashboard could allow an unauthenticated, remote attacker to enumerate LDAP user accounts.<br><br> This vulnerability is due to the improper handling of LDAP authentication requests. An attacker could exploit this vulnerability by sending authentication requests to an affected system. A successful exploit could allow an attacker to determine which usernames are valid LDAP user accounts.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-unenum-2xFFh472">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nd-unenum-2xFFh472</a><br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20150
Categories: Cisco

Cisco Webex App Client-Side Remote Code Execution Vulnerability

Cisco Security Advisories - Wed, 04/16/2025 - 7:00pm
A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute arbitrary commands on the host of the targeted user.<br><br> This vulnerability is due to insufficient input validation when Cisco Webex App processes a meeting invite link. An attacker could exploit this vulnerability by persuading a user to click a crafted meeting invite link and download arbitrary files. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC</a><br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20236
Categories: Cisco

Cisco Secure Network Analytics Privilege Escalation Vulnerability

Cisco Security Advisories - Wed, 04/16/2025 - 7:00pm
A vulnerability in the web-based management interface of Cisco Secure Network Analytics could allow an authenticated, remote attacker with valid administrative credentials to execute arbitrary commands as <em>root</em> on the underlying operating system.<br><br> <div> This vulnerability is due to insufficient integrity checks within device backup files. An attacker with valid administrative credentials could exploit this vulnerability by crafting a malicious backup file and restoring it to an affected device. A successful exploit could allow the attacker to obtain shell access on the underlying operating system with the privileges of <em>root</em>.<br><br> </div> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-prvesc-4BQmK33Z">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-prvesc-4BQmK33Z</a><br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20178
Categories: Cisco

Cisco NX-OS Software Image Verification Bypass Vulnerability

Cisco Security Advisories - Mon, 04/07/2025 - 7:43pm
A vulnerability in the bootloader of Cisco NX-OS Software could allow an unauthenticated attacker with physical access to an affected device, or an authenticated, local attacker with administrative credentials, to bypass NX-OS image signature verification.&nbsp;<br><br> This vulnerability is due to insecure bootloader settings. An attacker could exploit this vulnerability by executing a series of bootloader commands. A successful exploit could allow the attacker to bypass NX-OS image signature verification and load unverified software.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-image-sig-bypas-pQDRQvjL" target="_blank" rel="noopener">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-image-sig-bypas-pQDRQvjL</a><br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2024-20397
Categories: Cisco

Cisco Enterprise Chat and Email Denial of Service Vulnerability

Cisco Security Advisories - Wed, 04/02/2025 - 7:00pm
A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br><br> This vulnerability is due to improper validation of user-supplied input to chat entry points. An attacker could exploit this vulnerability by sending malicious requests to a messaging chat entry point in the affected application. A successful exploit could allow the attacker to cause the application to stop responding, resulting in a DoS condition. The application may not recover on its own and may need an administrator to manually restart services to recover.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-dos-tC6m9GZ8">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-dos-tC6m9GZ8</a><br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20139
Categories: Cisco

Cisco Meraki MX and Z Series AnyConnect VPN Denial of Service Vulnerability

Cisco Security Advisories - Wed, 04/02/2025 - 7:00pm
A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series devices could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the Cisco AnyConnect service on an affected device. To exploit this vulnerability, the attacker must have valid VPN user credentials on the affected device.<br><br> This vulnerability exists because a variable is not initialized when an SSL VPN session is established. An attacker could exploit this vulnerability by supplying crafted attributes while establishing an SSL VPN session with an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN sessions and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.<br><br> <strong>Note:</strong> When the attack traffic stops, the Cisco AnyConnect VPN server recovers without manual intervention.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vNRpDvfb">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vNRpDvfb</a><br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20212
Categories: Cisco

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerabilities

Cisco Security Advisories - Wed, 04/02/2025 - 7:00pm
Multiple vulnerabilities in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow a remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected system.<br><br> For more information about these vulnerabilities, see the <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerabilities%26vs_k=1#details">Details</a> section of this advisory.<br><br> Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4</a><br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20120,CVE-2025-20203
Categories: Cisco

Cisco Webex for BroadWorks Credential Exposure Vulnerability

Cisco Security Advisories - Tue, 04/01/2025 - 11:40pm
A low-severity vulnerability in Cisco Webex for BroadWorks Release 45.2 could allow an unauthenticated, remote attacker to access data and credentials if unsecure transport is configured for SIP communication.<br><br> This vulnerability is due to the exposure of sensitive information in the SIP headers.<br><br> A related issue could allow an authenticated user to access credentials in plain text in the client and server logs.&nbsp;<br><br> A malicious actor could exploit this vulnerability and the related issue to access data and credentials and impersonate the user.<br><br> A configuration change to fix this vulnerability and the related issue has been pushed to Cisco Webex for BroadWorks. Cisco recommends that customers restart their Cisco Webex application to apply the configuration changes.<br><br> There is a workaround that addresses this vulnerability and the related issue.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-credexp-xMN85y6">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-credexp-xMN85y6</a><br><br> <br/>Security Impact Rating: Informational
Categories: Cisco

Cisco Smart Licensing Utility Vulnerabilities

Cisco Security Advisories - Tue, 04/01/2025 - 10:24pm
Multiple vulnerabilities in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to collect sensitive information or administer Cisco Smart Licensing Utility services on a system while the software is running.<br><br> Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.<br><br> For more information about these vulnerabilities, see the <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Smart Licensing Utility Vulnerabilities%26vs_k=1#details">Details</a> section of this advisory.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw</a><br><br> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2024-20439,CVE-2024-20440
Categories: Cisco

Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability

Cisco Security Advisories - Fri, 03/28/2025 - 9:38pm
A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.<br><br> This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-xss-zQ4KPvYd">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-xss-zQ4KPvYd</a><br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2024-20475
Categories: Cisco