Privilege Escalation Vulnerability in Cisco Catalyst Center Virtual Appliance
CVE-2025-20341

8.8HIGH

Key Information:

Vendor

Cisco
Status
Cisco Digital Network Architecture Center (dna Center)
Vendor
CVE Published:
13 November 2025

Badges

๐Ÿ‘พ Exploit Exists

What is CVE-2025-20341?

A vulnerability exists in the Cisco Catalyst Center Virtual Appliance that permits an authenticated remote attacker to escalate their privileges to Administrator. This flaw arises from inadequate validation of user-supplied input, enabling an attacker to exploit the system by sending a tailored HTTP request. Should the attack succeed, it provides the attacker with the ability to make unauthorized changes to the system, including the capacity to create new user accounts or enhance their own privileges. To successfully exploit this vulnerability, the attacker needs valid credentials corresponding to a user account with at least Observer permissions.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Cisco Digital Network Architecture Center (DNA Center) 2.3.7.5-VA

Cisco Digital Network Architecture Center (DNA Center) 2.3.7.6-VA

Cisco Digital Network Architecture Center (DNA Center) 2.3.7.7-VA

References

https://sec.cloudapps.cisco.com/security/center/content/C...

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

JSON
.