385 matches found
CVE-2025-20137
A vulnerability in the access control list ACL programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the use of both an IPv4 ACL a...
CVE-2025-20181
A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the...
CVE-2025-20181
CVE-2025-20181 affects Cisco IOS Software on Catalyst 2960X/2960XR/2960CX/3560CX switches. Root cause: missing signature verification for files loaded during boot, enabling an attacker with physical access or a privileged user to execute persistent code at boot and break the chain of trust. Affec...
CVE-2025-20181
A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the...
CVE-2025-20137
A vulnerability in the access control list ACL programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the use of both an IPv4 ACL a...
CVE-2025-20154
Summary of CVE-2025-20154 (Cisco TWAMP DoS) : The vulnerability affects Cisco IOS, IOS XE, and IOS XR TWAMP server functionality. It arises from out-of-bounds array access when processing crafted TWAMP control packets, enabling an unauthenticated, remote attacker to cause a reload of the affected...
CVE-2025-20151 Cisco IOS and IOS XE Software SNMPv3 Configuration Restriction Vulnerability
A vulnerability in the implementation of the Simple Network Management Protocol Version 3 SNMPv3 feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to poll an affected device using SNMP, even if the device is configured to deny SNMP traffic from ...
CVE-2025-20151
CVE-2025-20151 affects Cisco IOS and IOS XE SNMPv3 configuration handling. The issue arises from how SNMPv3 settings are stored in startup configuration, allowing an authenticated remote attacker with valid SNMPv3 credentials to poll the device from a source address or interface that should be de...
CVE-2025-20191 Multiple Cisco Products Denial of Service Vulnerability
A vulnerability in the Switch Integrated Security Features SISF of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller WLC AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition on an affected...
Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches Secure Boot Bypass Vulnerability
A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the...
Cisco IOS Software Industrial Ethernet Switch Device Manager Privilege Escalation Vulnerability
A vulnerability in the Cisco Industrial Ethernet Switch Device Manager DM of Cisco IOS Software could allow an authenticated, remote attacker to elevate privileges. This vulnerability is due to insufficient validation of authorizations for authenticated users. An attacker could exploit this...
Cisco IOS, IOS XE, and IOS XR Software TWAMP Denial of Service Vulnerability
A vulnerability in the Two-Way Active Measurement Protocol TWAMP server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service DoS condition. For Cisco IOS XR Software, this...
Cisco IOS Software on Cisco Catalyst 1000 and 2960L Switches Access Control List Bypass Vulnerability
A vulnerability in the access control list ACL programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the use of both an IPv4 ACL a...
PT-2025-20263
Name of the Vulnerable Software and Affected Versions Cisco IOS Software affected versions not specified Cisco IOS XE Software affected versions not specified Cisco NX-OS Software affected versions not specified Cisco Wireless LAN Controller WLC AireOS Software affected versions not specified...
PT-2025-20256 · Cisco · Cisco Ios
Name of the Vulnerable Software and Affected Versions: Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches affected versions not specified Description: A vulnerability in the software could allow an authenticated, local attacker with high privilege levels or an...
PT-2025-20268 · Cisco · Cisco Ios Xe +2
Name of the Vulnerable Software and Affected Versions: Cisco IOS Software and Cisco IOS XE Software affected versions not specified Description: A vulnerability in the Cisco IOx application hosting environment could allow an unauthenticated, remote attacker to cause the environment to stop...
Cisco IOS Software Intermediate System to Intermediate System DoS (cisco-sa-isis-sGjyOUHX)
According to its self-reported version, Cisco IOS is affected by a vulnerability. - A vulnerability in the Intermediate System-to-Intermediate System IS-IS protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS...
CVE-2025-20169
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this...
CVE-2025-20170
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this...
CVE-2025-20175
A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this...