Privilege Escalation Vulnerability in Cisco Catalyst Center Virtual Appliance
CVE-2025-20341

8.8HIGH

Key Information:

Vendor: Cisco
Status: Cisco Digital Network Architecture Center (dna Center)
Vendor: CVE Published:; 13 November 2025

Badges

👾 Exploit Exists

What is CVE-2025-20341?

A vulnerability exists in the Cisco Catalyst Center Virtual Appliance that permits an authenticated remote attacker to escalate their privileges to Administrator. This flaw arises from inadequate validation of user-supplied input, enabling an attacker to exploit the system by sending a tailored HTTP request. Should the attack succeed, it provides the attacker with the ability to make unauthorized changes to the system, including the capacity to create new user accounts or enhance their own privileges. To successfully exploit this vulnerability, the attacker needs valid credentials corresponding to a user account with at least Observer permissions.

Affected Version(s)

Cisco Digital Network Architecture Center (DNA Center) 2.3.7.5-VA

Cisco Digital Network Architecture Center (DNA Center) 2.3.7.6-VA

Cisco Digital Network Architecture Center (DNA Center) 2.3.7.7-VA

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Nov 13, 2025
Vulnerability published
Nov 13, 2025
Vulnerability Reserved
Oct 10, 2024

JSON