Cisco News Articles

Salt Typhoon Exploits Cisco Devices in Telco Infrastructure

The China-sponsored state espionage group has exploited known, older bugs in Cisco gear for successful cyber intrusions on six continents in the past two months.

3 weeks ago

Multiple Vulnerabilities in Cisco Identity Services Engine (ISE)

Cisco has released security updates to address critical vulnerabilities (CVE-2025-20124 and CVE-2025-20125) affecting their Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), regardless of device configuration.

4 weeks ago

Cisco’s ISE bugs could allow root-level command execution

The insecure deserialization and authorization bypass flaws could enable attackers to escalate privileges and run arbitrary commands.

Critical Cisco ISE Vulnerabilities Allow Arbitrary Command Execution Remotely

Cisco has disclosed two critical vulnerabilities in its Identity Services Engine (ISE) software that could allow authenticated, remote attackers to execute arbitrary commands, elevate privileges, and manipulate system configurations on affected devices. These vulnerabilities tracked as CVE-2025-2012...

Cisco fixes ClamAV vulnerability with available PoC and critical Meeting Management flaw - Help Net Security

Cisco fixed critical Meeting Management flaw (CVE-2025-20156) and a vuln (CVE-2025-20128) that can DDoS ClamAV on endpoints.

Cisco Fixes Critical Vulnerability in Meeting Management

The network equipment giant urged customers to patch immediately

Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)

Cisco addresses critical CVE-2025-20156 with 9.9 CVSS, fixing admin privilege risk in Meeting Management.

Cisco Industrial Wireless Software Flaw Let Attackers Run Command As Root User

A critical security vulnerability tracked as “CVE-2024-20418”, was detected recently in the web GUI of Cisco Unified Industrial Wireless Software installed on Ultra-Reliable Wireless Backhaul (URWB) Access Points.

Cisco scores an (im)perfect CVSS 10 with critical Wi-Fi flaw

Cisco is issuing a critical alert notice about a flaw that makes its so-called Ultra-Reliable Wireless Backhaul systems easy to subvert. The weakness – dubbed CVE-2024-20418 and made public yesterday – is...

Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) - Help Net Security

Cisco has fixed a critical command injection vulnerability (CVE-2024-20418) in its Ultra-Reliable Wireless Backhaul (URWB) Access Points.

Cisco Flaw Let Attackers Run Command as Root User

A critical vulnerability has been discovered in Cisco Unified Industrial Wireless Software, which affects Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points.

CISA Warns of Cisco ASA & Roundcube Vulnerabilities Exploited in Wild

(CISA has announced the addition of two new vulnerabilities to its Known Exploited Vulnerabilities Catalog.

Cisco fixes bug under exploit in brute-force attacks

Cisco has patched an already exploited security hole in its Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) software that miscreants have been brute-forcing in attempted denial of service...

Cisco fixes VPN DoS flaw discovered in password spray attacks

Cisco fixed a denial of service flaw in its Cisco ASA and Firepower Threat Defense (FTD) software, which was discovered during large-scale brute force attacks against Cisco VPN devices in April.

Cisco ASA and FTD zero day used in password spraying attacks | Tech...

Another Cisco ASA and FTD vulnerability was disclosed on Wednesday. Organizations are urged to patch as its under active exploitation.

Cisco fixed tens of vulnerabilities, including an actively exploited one

Cisco patched vulnerabilities in ASA, FMC, and FTD products, including one actively exploited in a large-scale brute-force attack campaign.

Cisco ASA Devices Vulnerable to SSH Remote Command Injection Flaw

Cisco has issued a critical security advisory regarding a vulnerability in its Adaptive Security Appliance (ASA) Software.

CVE-2024-20393 Description, Impact and Technical Details

CVE-2024-20393 is a vulnerability affecting Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers, which allows an authen…

Cisco Nexus Dashboard Fabric Controller Arbitrary Command Execution Vulnerability [CVE-2024-20432]

CVE number = CVE-2024-20432 A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a command...

Cisco Systems Manager for Windows Vulnerability Let Attackers Escalate Privilege

Cisco Systems Manager Vulnerability, CVE-2024-20430, allows authenticated local attackers to execute arbitrary code.

Cisco IOS Verification Flaw Let Attackers Execute Arbitrary Code

Cisco has been discovered with an arbitrary code execution flaw on their Cisco IOS XR Software image verification checks, which allows an authenticated, local attacker to execute arbitrary code on their underlying operating system.

Critical Cisco Expressway Flaw Let Remote Execute Arbitrary Code

Cisco patched the CSRF vulnerabilities identified as CVE-2024-20252 and CVE-2024-20254 (CVSS score: 9.6).

Hackers target recently disclosed LiteSpeed Cache vulnerability.

Halliburton sustains cyberattack. Chinese threat actor exploited Cisco zero-day.

Zero-day Cisco switch bug being exploited by cyber actors

The flaw, tracked as CVE-2024-20399 with a CVSS score of 6.0, allows attackers with valid admin credentials to bypass the NX-OS command line interface and execute arbitrary commands on the underlying Linux OS.

Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

Chinese hackers exploit Cisco switch vulnerability to gain system control and evade detection. Cybersecurity firm uncovers sophisticated espionage cam

Maximum severity Cisco SSM On-Prem vulnerability addressed

Such a vulnerability, tracked as CVE-2024-20419, could be exploited to facilitate web UI or API access and eventually allow the unauthenticated creation of new user passwords, according to Cisco.

Cisco patches vulnerability allowing attackers to change admin passwords

Named CVE-2024-20419, the bug affecting Cisco Smart Software Manager On-Prem carries the maximum possible CVSS rating.

Critical Cisco bug lets hackers add root users on SEG devices

Cisco has fixed a critical severity vulnerability that lets attackers add new users with root privileges and permanently crash Security Email Gateway (SEG) appliances using emails with malicious attachments.

Critical Cisco bug allows crims to change admin passwords

Cisco just dropped a patch for a maximum-severity vulnerability that allows attackers to change the password of any user, including admins. Tracked as CVE-2024-20419, the bug carries a maximum 10/10 CVSS 3.1...

Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419) - Help Net Security

CVE-2024-20401 enables overwriting files on Cisco Secure Email Gateways, CVE-2024-20419 allows changing account passwords on SSM On-Prem.

Cisco plugs zero-day abused by suspected Chinese cyber spies

Cisco switch owners should probably apply the patch that just dropped for a vulnerability that was exploited in April as a zero-day to install malware on an array of its Nexus switches. On paper,...

Novel Cisco NX-OS zero-day leveraged by Chinese hackers

Chinese state-backed hacking group Velvet Ant targeted Cisco network switches with NX-OS software impacted by the newly discovered zero-day, tracked as CVE-2024-20399, as part of a cyberespionage attack in April, according to The Record, a news site by cybersecurity firm Recorded Future.

Patch Now: Cisco Zero-Day Under Fire From Chinese APT

Threat actor "Velvet Ant" has been exploiting a vulnerability in Cisco's NX-OS Software for managing a variety of switches, executing commands and dropping custom malware.

思科針對網路設備作業系統NX-OS零時差漏洞提出警告，中國駭客Velvet Ant將其用於散布惡意軟體

本週思科公布旗下網路設備作業系統NX-OS的漏洞CVE-2024-20399，並指出已在3個月前出現攻擊行動，通報此事的資安業者Sygnia表示，中國駭客Velvet Ant已將其用於網路間諜活動

Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies

Cisco has patched an NX-OS command injection zero-day exploited by China-linked cyberespionage group Velvet Ant.

Threat Brief: Cisco IOS XE Web UI Privilege Escalation Vulnerability (Updated)

CVE-2023-20198 impacts Cisco IOS XE devices and allows attackers full admin access. Our overview includes attack surface telemetry of potential impact.

Top Cyber Security Informer Penetration Testing Artificial Intelligence Content for Thu.May 23, 2024

Best content around Penetration Testing Artificial Intelligence selected by the Cyber Security Informer community.

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A vulnerability has been identified in the web-based management interface of Cisco FMC Software, potentially allowing authentication.

Multiple Cisco Products Vulnerabilities - Rewterz

Cisco Firepower Management Center Software is vulnerable to SQL injection.

Norway issues warning after ‘important businesses’ affected by Cisco zero-days

The chief of Norway's NSM agency said the pair of zero-day vulnerabilities affecting Cisco IOS XE had created a "very serious" situation for some organizations.

Kroll analysts respond to exploitation of vulnerability within the web user interface (UI) functionality of Cisco IOS XE. Read more.

Kroll analysts respond to exploitation of vulnerability within the web user interface (UI) functionality of Cisco IOS XE. Read more.

Week in review: Two Cisco ASA zero-days exploited, MITRE breach, GISEC Global 2024 - Help Net Security

Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Hackers backdoored Cisco ASA devices via two zero-days

Cisco Zero-Days Anchor 'ArcaneDoor' Cyber Espionage Campaign

Attacks by a previously unknown state-sponsored actor leveraged two bugs in firewall devices to install custom backdoors on several government networks globally.

Cisco zero-day flaws in ASA, FTD software under attack | TechTarget

Cisco said two zero-day flaws in its ASA and FTD products were exploited by a nation-state threat actor in a campaign called 'ArcaneDoor.'

ArcaneDoor Exploiting Cisco Zero-Days To Attack Government Networks

Hackers target Cisco zero-days as they can abuse the widely used networking equipment that contains vulnerabilities which means they can affect many systems and networks in one shot. 

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) - Help Net Security

Attackers have used two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on government Cisco ASA appliances.

Vulnerability • InfoTech & InfoSec News

CVE-2024-20295: Cisco Integrated Management Controller CLI Command Injection VulnerabilityCisco has released updates to address a critical vulnerability in its Integrated Management Controller, which allows...

Cisco discloses high-severity vulnerability, PoC available | TechTa...

Cisco published a security advisory for the vulnerability tracked as CVE-2024-20295 and urged users to upgrade to fixed versions.

CVE-2024-20356: Jailbreaking a Cisco appliance to run DOOM

Exploiting remote code execution in Cisco's CIMC management system and jailbreaking the device to run untrusted code

Cisco'dan Kritik Zafiyet Uyarısı! - ÇözümPark

Cisco, Integrated Management Controller (IMC)’da tespit edilen ve saldırganlara root yetkiler sağlayan kritik zafiyet için güncelleme yayınlandı. İşin en kötü tarafı zafiyete ait exploit’in public olarak yayınlanmış olması. CVE-2024-20295 olarak izlenen versayılan yapılandırmalarda zafiyet aşağıdaki...