Cisco News Articles

Attackers are leveraging Cisco Smart Licensing Utility static admin credentials (CVE-2024-20439) - Help Net Security

CVE-2024-20439, a static credential vulnerability in the Cisco Smart Licensing Utility, is being exploited by attackers, CISA warned.

2 weeks ago

Cisco confirms cyberattacks on Smart Licensing Utility flaw

CISA earlier this week added CVE-2024-20439, a static credential vulnerability in the license management app, to its known exploited vulnerabilities catalog.

2 weeks ago

Cisco warns of CSLU backdoor admin account used in attacks

Cisco warns admins to patch a critical Cisco Smart Licensing Utility (CSLU) vulnerability, which exposes a built-in backdoor admin account now used in attacks.

2 weeks ago

CISA adds CVE-2024-20439 to Known Exploited Vulnerabilities Catalog

CISA adds CVE-2024-20439 to its Known Exploited Vulnerabilities Catalog to address active exploitation risks across organizations.

2 weeks ago

Active Exploitation of Vulnerabilities in Cisco Smart Licensing Utility

There have been reports of active exploitation of vulnerabilities in unpatched Cisco Smart Licensing Utility instances.

3 weeks ago

Urgent Patch Needed For CVE-2024-20439 And CVE-2024-20440

Cisco alerts users to critical vulnerabilities CVE-2024-20439 and CVE-2024-20440 in CSLU.

3 weeks ago

Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility

Active exploitation of Cisco CVE-2024-20439 & 20440 in Smart Licensing forces urgent patching of vulnerable versions.

1 month ago

Hackers Target Cisco Smart Licensing Utility Vulnerabilities

SANS is seeing attempts to exploit two critical Cisco Smart Licensing Utility vulnerabilities tracked as CVE-2024-20439 and CVE-2024-20440.

1 month ago

Critical Cisco Smart Licensing Utility flaws now exploited in attacks

Attackers have started targeting Cisco Smart Licensing Utility (CSLU) instances unpatched against a vulnerability exposing a built-in backdoor admin account.

1 month ago

Cisco Smart Licensing Utility Vulnerabilities Under Hacker Exploitation

Recent reports indicate that hackers are actively trying to exploit two critical vulnerabilities in the Cisco Smart Licensing Utility.

1 month ago

Cisco Smart Licensing Utility flaws under attack

The SANS Internet Storm Center reported exploitation attempts against two critical vulnerabilities, which were initially disclosed in September.

1 month ago

Cisco Smart Licensing Utility flaws under attack

The SANS Internet Storm Center reported exploitation attempts against two critical vulnerabilities, which were initially disclosed in September.

1 month ago

Cisco IOS XR vulnerability lets attackers crash BGP on routers

Cisco has patched a denial of service (DoS) vulnerability that lets attackers crash the Border Gateway Protocol (BGP) process on IOS XR routers with a single BGP update message.

100+ Malicious IPs Actively Exploiting Vulnerabilities in Cisco Devices

An aggressive campaign targeting Cisco networking equipment through two critical vulnerabilities, with state-backed actors and malicious hackers exploiting unpatched systems.

Salt Typhoon Exploits Cisco Devices in Telco Infrastructure

The China-sponsored state espionage group has exploited known, older bugs in Cisco gear for successful cyber intrusions on six continents in the past two months.

Multiple Vulnerabilities in Cisco Identity Services Engine (ISE)

Cisco has released security updates to address critical vulnerabilities (CVE-2025-20124 and CVE-2025-20125) affecting their Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), regardless of device configuration.

Cisco’s ISE bugs could allow root-level command execution

The insecure deserialization and authorization bypass flaws could enable attackers to escalate privileges and run arbitrary commands.

Critical Cisco ISE Vulnerabilities Allow Arbitrary Command Execution Remotely

Cisco has disclosed two critical vulnerabilities in its Identity Services Engine (ISE) software that could allow authenticated, remote attackers to execute arbitrary commands, elevate privileges, and manipulate system configurations on affected devices. These vulnerabilities tracked as CVE-2025-2012...

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw - Help Net Security

Cisco fixed critical Meeting Management flaw (CVE-2025-20156) and a vuln (CVE-2025-20128) that can DDoS ClamAV on endpoints.

Cisco Fixes Critical Vulnerability in Meeting Management

The network equipment giant urged customers to patch immediately

ClamAV File Decryption Vulnerability Let Remote Attackers Trigger DoS Attack

This flaw, identified as CVE-2025-20128, could allow unauthenticated remote attackers to trigger a Denial of Service (DoS) condition on affected devices. The vulnerability is rated as Medium Severity with a CVSS base score of 5.3.

Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)

Cisco addresses critical CVE-2025-20156 with 9.9 CVSS, fixing admin privilege risk in Meeting Management.

Cisco Industrial Wireless Software Flaw Let Attackers Run Command As Root User

A critical security vulnerability tracked as “CVE-2024-20418”, was detected recently in the web GUI of Cisco Unified Industrial Wireless Software installed on Ultra-Reliable Wireless Backhaul (URWB) Access Points.

Cisco scores an (im)perfect CVSS 10 with critical Wi-Fi flaw

Cisco is issuing a critical alert notice about a flaw that makes its so-called Ultra-Reliable Wireless Backhaul systems easy to subvert. The weakness – dubbed CVE-2024-20418 and made public yesterday – is...

Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) - Help Net Security

Cisco has fixed a critical command injection vulnerability (CVE-2024-20418) in its Ultra-Reliable Wireless Backhaul (URWB) Access Points.

Cisco Flaw Let Attackers Run Command as Root User

A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points.

CISA Warns of Cisco ASA & Roundcube Vulnerabilities Exploited in Wild

(CISA has announced the addition of two new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Cisco fixes bug under exploit in brute-force attacks

Cisco has patched an already exploited security hole in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that miscreants have been brute-forcing in attempted denial of service...

Cisco fixes VPN DoS flaw discovered in password spray attacks

Cisco fixed a denial of service flaw in its Cisco ASA and Firepower Threat Defense (FTD) software, which was discovered during large-scale brute force attacks against Cisco VPN devices in April.

Cisco ASA and FTD zero day used in password spraying attacks | Tech...

Another Cisco ASA and FTD vulnerability was disclosed on Wednesday. Organizations are urged to patch as its under active exploitation.

Cisco fixed tens of vulnerabilities, including an actively exploited one

Cisco patched vulnerabilities in ASA, FMC, and FTD products, including one actively exploited in a large-scale brute-force attack campaign.

Cisco ASA Devices Vulnerable to SSH Remote Command Injection Flaw

Cisco has issued a critical security advisory regarding a vulnerability in its Adaptive Security Appliance (ASA) Software.

CVE-2024-20393 Description, Impact and Technical Details

CVE-2024-20393 is a vulnerability affecting Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers, which allows an authen…

Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability [CVE-2024-20432]

CVE number = CVE-2024-20432 A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a command...

Vulnerability Cisco Smart Licensing Utility | CVE-2024-20439

Security alert on Cisco Smart Licensing Utility software and Stormshield protection against CVE-2024-20439.

Cisco Systems Manager for Windows Vulnerability Let Attackers Escalate Privilege

Cisco Systems Manager Vulnerability, CVE-2024-20430, allows authenticated local attackers to execute arbitrary code.

Cisco IOS Verification Flaw Let Attackers Execute Arbitrary Code

Cisco has been discovered with an arbitrary code execution flaw on their Cisco IOS XR Software image verification checks, which allows an authenticated, local attacker to execute arbitrary code on their underlying operating system.

Critical Cisco Expressway Flaw Let Remote Execute Arbitrary Code

Cisco patched the CSRF vulnerabilities identified as CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6).

Hackers target recently disclosed LiteSpeed Cache vulnerability.

Halliburton sustains cyberattack. Chinese threat actor exploited Cisco zero-day.

Zero-day Cisco switch bug being exploited by cyber actors

The flaw, tracked as CVE-2024-20399 with a CVSS score of 6.0, allows attackers with valid admin credentials to bypass the NX-OS command line interface and execute arbitrary commands on the underlying Linux OS.

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

Chinese hackers exploit Cisco switch vulnerability to gain system control and evade detection. Cybersecurity firm uncovers sophisticated espionage cam

Maximum severity Cisco SSM On-Prem vulnerability addressed

Such a vulnerability, tracked as CVE-2024-20419, could be exploited to facilitate web UI or API access and eventually allow the unauthenticated creation of new user passwords, according to Cisco.

Cisco patches vulnerability allowing attackers to change admin passwords

Named CVE-2024-20419, the bug affecting Cisco Smart Software Manager On-Prem carries the maximum possible CVSS rating.

Critical Cisco bug lets hackers add root users on SEG devices

Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments.

Critical Cisco bug allows crims to change admin passwords

Cisco just dropped a patch for a maximum-severity vulnerability that allows attackers to change the password of any user, including admins. Tracked as CVE-2024-20419, the bug carries a maximum 10/10 CVSS 3.1...

Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) - Help Net Security

CVE-2024-20401 enables overwriting files on Cisco Secure Email Gateways, CVE-2024-20419 allows changing account passwords on SSM On-Prem.

Cisco plugs zero-day abused by suspected Chinese cyber spies

Cisco switch owners should probably apply the patch that just dropped for a vulnerability that was exploited in April as a zero-day to install malware on an array of its Nexus switches. On paper,...

Novel Cisco NX-OS zero-day leveraged by Chinese hackers

Chinese state-backed hacking group Velvet Ant targeted Cisco network switches with NX-OS software impacted by the newly discovered zero-day, tracked as CVE-2024-20399, as part of a cyberespionage attack in April, according to The Record, a news site by cybersecurity firm Recorded Future.

Patch Now: Cisco Zero-Day Under Fire From Chinese APT

Threat actor "Velvet Ant" has been exploiting a vulnerability in Cisco's NX-OS Software for managing a variety of switches, executing commands and dropping custom malware.