Vulnerability fixed in Cisco AnyConnect VPN for Meraki MX and Z

Cisco has fixed a vulnerability in the Cisco AnyConnect VPN server on Cisco Meraki MX and Z Series devices. The vulnerability is in how the Cisco AnyConnect VPN server initializes variables during the establishment of SSL VPN sessions. Unauthenticated remote attackers can exploit this...

PT-2025-26180 · Cisco · Cisco Meraki Z Series +2

Name of the Vulnerable Software and Affected Versions: Cisco Meraki MX Firmware affected versions not specified Cisco Meraki Z Series Teleworker Gateway devices affected versions not specified Description: A vulnerability in the Cisco AnyConnect VPN server could allow an unauthenticated, remote...

Cisco Meraki Z和Cisco Meraki MX 安全漏洞

The Cisco Meraki Z and Cisco Meraki MX are both products of Cisco, Inc.The Cisco Meraki Z is an enterprise-class firewall, VPN gateway, and router.The Cisco Meraki MX is a multifunction security and SD-WAN enterprise appliance. A security vulnerability exists in Cisco Meraki Z and Cisco Meraki MX...

Cisco Meraki Z和Cisco Meraki MX 安全漏洞

Cisco Meraki Z and Cisco Meraki MX are both products of Cisco, Inc.Cisco Meraki Z is an enterprise-class firewall, VPN gateway, and router.Cisco Meraki MX is a multifunction security and SD-WAN enterprise appliance. A security vulnerability exists in Cisco Meraki Z and Cisco Meraki MX that stems...

VulnCheck KEV: CVE-2022-20933

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of...

CVE-2024-20509

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service DoS condition for individual users of the AnyConnect VPN...

CVE-2024-20509

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to hijack an AnyConnect VPN session or cause a denial of service DoS condition for individual users of the AnyConnect VPN...

CVE-2024-20509

CVE-2024-20509 affects Cisco Meraki MX and Z Series Teleworker Gateway devices running Cisco AnyConnect VPN server. The issue arises from weak entropy in VPN authentication handlers and a race condition in the same process, enabling an unauthenticated, remote attacker to hijack an AnyConnect VPN ...

CVE-2024-20499

CVE-2024-20499 describes multiple DoS vulnerabilities in the Cisco AnyConnect VPN server used by Cisco Meraki MX and Z Series Teleworker Gateway devices. The flaws arise from insufficient validation of client-supplied parameters during SSL VPN session establishment, or from inadequate resource ma...

CVE-2024-20498 Cisco Meraki MX and Z3 Teleworker Gateway AnyConnect VPN Denial of Service Vulnerability

Multiple vulnerabilities in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a DoS condition in the AnyConnect service on an affected device. These vulnerabilities are due to insufficie...

Cisco Meraki Z和Cisco Meraki MX 资源管理错误漏洞

The Cisco Meraki Z and Cisco Meraki MX are both products of Cisco, Inc.The Cisco Meraki Z is an enterprise-class firewall, VPN gateway, and router.The Cisco Meraki MX is a multifunction security and SD-WAN enterprise appliance. A resource management error vulnerability exists in the Cisco Meraki ...

Cisco Meraki Z和Cisco Meraki MX 缓冲区错误漏洞

The Cisco Meraki Z and Cisco Meraki MX are both products of Cisco, Inc.The Cisco Meraki Z is an enterprise-class firewall, VPN gateway, and router.The Cisco Meraki MX is a multifunction security and SD-WAN enterprise appliance. A buffer error vulnerability exists in the Cisco Meraki Z and Cisco...

PT-2024-18669 · Cisco · Cisco Meraki Z Series Teleworker Gateway +2

Name of the Vulnerable Software and Affected Versions: Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices affected versions not specified Description: The issue is due to insufficient validation of client-supplied parameters while establishing an SSL VPN session. An attacker cou...

PT-2022-5809 · Cisco · Cisco Meraki Mx +3

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD with Snort 3 configured Cisco Meraki MX with Snort 3 configured Cisco Cyber Vision with Snort 3 configured Cisco Umbrella with Snort 3 configured Description: Multiple vulnerabilities in the Server Message...

PT-2022-6189 · Cisco · Cisco Meraki Mx +3

Name of the Vulnerable Software and Affected Versions: Cisco Firepower Threat Defense FTD versions with Snort 3 configured Cisco Meraki MX versions with Snort 3 configured Cisco Cyber Vision versions with Snort 3 configured Cisco Umbrella versions with Snort 3 configured Description: Multiple...

CVE-2022-20933

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z3 Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of...

Cisco Meraki MX Series Security Appliances 安全漏洞

The Cisco Meraki MX Series Security Appliances are security routers from the Meraki MX Series by Cisco USA. The appliances feature LTE, SD-WAN, stateful firewalls, and an integrated Sourcefire Intrusion Prevention IPS engine for network security. A security vulnerability exists in the Cisco Merak...

Samba Vulnerability: Dancing Its Way to a Network Near You

OverviewToday, a new vulnerability affecting the widely used Samba software was released. Samba is the SMB/CIFS protocol commonly used in NIX operating systems. CVE-2017-7494 has the potential to impact many systems around the world. This vulnerability could allow a user to upload a shared librar...