Cisco

A vulnerability in chat messaging features of Cisco Enterprise Chat and Email (ECE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br><br> This vulnerability is due to improper validation of user-supplied input to chat entry points. An attacker could exploit this vulnerability by sending malicious requests to a messaging chat entry point in the affected application. A successful exploit could allow the attacker to cause the application to stop responding, resulting in a DoS condition. The application may not recover on its own and may need an administrator to manually restart services to recover.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-dos-tC6m9GZ8">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ece-dos-tC6m9GZ8</a><br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20139

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series devices could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the Cisco AnyConnect service on an affected device. To exploit this vulnerability, the attacker must have valid VPN user credentials on the affected device.<br><br> This vulnerability exists because a variable is not initialized when an SSL VPN session is established. An attacker could exploit this vulnerability by supplying crafted attributes while establishing an SSL VPN session with an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN sessions and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established.<br><br> <strong>Note:</strong> When the attack traffic stops, the Cisco AnyConnect VPN server recovers without manual intervention.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vNRpDvfb">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn-dos-vNRpDvfb</a><br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20212

Multiple vulnerabilities in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow a remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected system.<br><br> For more information about these vulnerabilities, see the <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerabilities%26vs_k=1#details">Details</a> section of this advisory.<br><br> Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4</a><br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20120,CVE-2025-20203

A low-severity vulnerability in Cisco Webex for BroadWorks Release 45.2 could allow an unauthenticated, remote attacker to access data and credentials if unsecure transport is configured for SIP communication.<br><br> This vulnerability is due to the exposure of sensitive information in the SIP headers.<br><br> A related issue could allow an authenticated user to access credentials in plain text in the client and server logs.&nbsp;<br><br> A malicious actor could exploit this vulnerability and the related issue to access data and credentials and impersonate the user.<br><br> A configuration change to fix this vulnerability and the related issue has been pushed to Cisco Webex for BroadWorks. Cisco recommends that customers restart their Cisco Webex application to apply the configuration changes.<br><br> There is a workaround that addresses this vulnerability and the related issue.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-credexp-xMN85y6">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-credexp-xMN85y6</a><br><br> <br/>Security Impact Rating: Informational

Multiple vulnerabilities in Cisco Smart Licensing Utility could allow an unauthenticated, remote attacker to collect sensitive information or administer Cisco Smart Licensing Utility services on a system while the software is running.<br><br> Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities.<br><br> For more information about these vulnerabilities, see the <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Smart Licensing Utility Vulnerabilities%26vs_k=1#details">Details</a> section of this advisory.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cslu-7gHMzWmw</a><br><br> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2024-20439,CVE-2024-20440

A vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.<br><br> This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by inserting malicious data into a specific data field in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-xss-zQ4KPvYd">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-xss-zQ4KPvYd</a><br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2024-20475

A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.<br><br> This vulnerability exists because certain packets are handled incorrectly when they are received on an ingress interface on one line card and destined out of an egress interface on another line card where the egress ACL is configured. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an egress ACL on the affected device.<br><br> For more information about this vulnerability, see the <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco IOS XR Software Access Control List Bypass Vulnerability%26vs_k=1#details">Details</a> section of this advisory.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm</a><br><br> This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75548">Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication</a>.<br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20145

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have <em>root-system</em> privileges on the affected device.<br><br> This vulnerability is due to incomplete validation of files in the boot verification process. An attacker could exploit this vulnerability by manipulating the system configuration options to bypass some of the integrity checks that are performed during the boot process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass the requirement to run Cisco-signed images or alter the security properties of the running system.<br><br> <strong>Note:</strong> Because exploitation of this vulnerability could result in the attacker bypassing Cisco image verification, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xr-verii-bypass-HhPwQRvx">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xr-verii-bypass-HhPwQRvx</a><br><br> This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75548">Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication</a>.<br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20177

A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets.&nbsp;<br><br> This vulnerability is due to improper handling of malformed IKEv2 packets. An attacker could exploit this vulnerability by sending malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to prevent the affected device from processing any control plane UDP packets, resulting in a denial of service (DoS) condition.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrike-9wYGpRGq">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrike-9wYGpRGq</a><br><br> This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75548">Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication</a>.<br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20209

A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms.&nbsp;<br><br> This vulnerability is due to incorrect handling of packets that are punted to the route processor. An attacker could exploit this vulnerability by sending traffic, which must be handled by the Linux stack on the route processor, to an affected device. A successful exploit could allow the attacker to cause control plane traffic to stop working, resulting in a denial of service (DoS) condition.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr792-bWfVDPY">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr792-bWfVDPY</a><br><br> This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75548">Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication</a>.<br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20141

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have <em>root-system</em> privileges on the affected device.<br><br> This vulnerability is due to insufficient verification of modules in the software load process. An attacker could exploit this vulnerability by manipulating the loaded binaries to bypass some of the integrity checks that are performed during the booting process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass the requirement to run Cisco-signed images or alter the security properties of the running system.<br><br> <strong>Note:</strong> This vulnerability affects Cisco IOS XR Software, not the Secure Boot feature.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-lkm-zNErZjbZ">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-lkm-zNErZjbZ</a><br><br> This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75548">Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication</a>.<br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20143

A vulnerability in the hybrid access control list (ACL) processing of IPv4 packets in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.<br><br> This vulnerability is due to incorrect handling of packets when a specific configuration of the hybrid ACL exists. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass a configured ACL on the affected device.<br><br> For more information, see the <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs-hybridacl-crMZFfKQ?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco IOS XR Software Hybrid Access Control List Bypass Vulnerability%26vs_k=1#details">Details</a> section of this advisory.<br><br> Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs-hybridacl-crMZFfKQ">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs-hybridacl-crMZFfKQ</a><br><br> This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75548">Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication</a>.<br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20144

A vulnerability in the Layer 3 multicast feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition.<br><br> This vulnerability is due to the incorrect handling of malformed IPv4 multicast packets that are received on line cards where the interface has either an IPv4 access control list (ACL) or a QoS policy applied. An attacker could exploit this vulnerability by sending crafted IPv4 multicast packets through an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset. Traffic over that line card would be lost while the line card reloads.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. There are mitigations that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multicast-ERMrSvq7">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multicast-ERMrSvq7</a><br><br> This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75548">Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication</a>.<br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20146

A vulnerability in the IPv4 access control list (ACL) feature and quality of service (QoS) policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition.<br><br> This vulnerability is due to the incorrect handling of malformed IPv4 packets that are received on line cards where the interface has either an IPv4 ACL or QoS policy applied. An attacker could exploit this vulnerability by sending crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to cause network processor errors, resulting in a reset or shutdown of the network process. Traffic over that line card would be lost while the line card reloads.<br><br> <strong>Note:</strong> This vulnerability has predominantly been observed in Layer 2 VPN (L2VPN) environments where an IPv4 ACL or QoS policy has been applied to the bridge virtual interface. Layer 3 configurations where the interface has either an IPv4 ACL or QoS policy applied are also affected, though the vulnerability has not been observed.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. There are mitigations that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipv4uni-LfM3cfBu">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipv4uni-LfM3cfBu</a><br><br> This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75548">Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication</a>.<br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20142

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as <em>root</em> on the underlying operating system of an affected device.<br><br> This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to <em>root </em>and execute arbitrary commands.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-esc-GFQjxvOF">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-esc-GFQjxvOF</a><br><br> This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75548">Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication</a>.<br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20138

A vulnerability in confederation implementation for the Border Gateway Protocol (BGP)&nbsp;in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.<br><br> This vulnerability is due to a memory corruption that occurs when a BGP update is created with an AS_CONFED_SEQUENCE attribute that has 255 autonomous system numbers (AS numbers). An attacker could exploit this vulnerability by sending a crafted BGP update message, or the network could be designed in such a manner that the AS_CONFED_SEQUENCE attribute grows to 255 AS numbers or more. A successful exploit could allow the attacker to cause memory corruption, which may cause the BGP process to restart, resulting in a DoS condition. To exploit this vulnerability, an attacker must control a BGP confederation speaker within the same autonomous system as the victim, or the network must be designed in such a manner that the AS_CONFED_SEQUENCE attribute grows to 255 AS numbers or more.<br><br> Cisco has released software updates that address this vulnerability. There is a workaround that addresses this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-bgp-dos-O7stePhX">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-bgp-dos-O7stePhX</a><br><br> This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75548">Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication</a>.<br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20115

Multiple vulnerabilities in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.<br><br> For more information about these vulnerabilities, see the <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco IOS, IOS XE, and IOS XR Software SNMP Denial of Service Vulnerabilities%26vs_k=1#details">Details</a> section of this advisory.&nbsp;<br><br> Cisco plans to release software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. There are mitigations that address these vulnerabilities.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW</a><br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20169,CVE-2025-20170,CVE-2025-20171,CVE-2025-20172,CVE-2025-20173,CVE-2025-20174,CVE-2025-20175,CVE-2025-20176

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow a remote attacker to bypass authentication or execute arbitrary commands on the underlying operating system of an affected device.<br><br> For more information about these vulnerabilities, see the <a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5?vs_f=Cisco Security Advisory%26vs_cat=Security%20Intelligence%26vs_type=RSS%26vs_p=Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Vulnerabilities%26vs_k=1#details">Details</a> section of this advisory.&nbsp;<br><br> Cisco has not released software updates to address the vulnerabilities described in this advisory. There are no workarounds that address these vulnerabilities.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5" rel="nofollow">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbr042-multi-vuln-ej76Pke5</a><br><br> <br/>Security Impact Rating: Critical <br/>CVE: CVE-2023-20025,CVE-2023-20026,CVE-2023-20118

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow a low-privileged, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. &nbsp;<br><br> This vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.&nbsp;<br><br> There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tms-xss-vuln-WbTcYwxG" target="_blank" rel="noopener">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-tms-xss-vuln-WbTcYwxG</a><br><br> <br/>Security Impact Rating: Medium <br/>CVE: CVE-2025-20208

A vulnerability in the interprocess communication (IPC) channel of Cisco Secure Client for Windows could allow an authenticated, local attacker to perform a DLL hijacking attack on an affected device if the Secure Firewall Posture Engine, formerly HostScan, is installed on Cisco Secure Client.<br><br> This vulnerability is due to insufficient validation of resources that are loaded by the application at run time. An attacker could exploit this vulnerability by sending a crafted IPC message to a specific Cisco Secure Client process. A successful exploit could allow the attacker to execute arbitrary code on the affected machine with <em>SYSTEM</em> privileges. To exploit this vulnerability, the attacker must have valid user credentials on the Windows system.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-dll-injection-AOyzEqSg">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secure-dll-injection-AOyzEqSg</a><br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20206