CVSS: 8.1EPSS: 0%CPEs: 231EXPL: 0CVE-2025-20160
https://notcve.org/view.php?id=CVE-2025-20160
24 Sep 2025 — A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required TACACS+ shared secret is configured. A machine-in-the-middle attacker could exploit this vulnerability by intercepting and reading unencrypted TACACS+ messages or impersonating the TACACS+ server and falsely accepti... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-tacacs-hdB7thJw • CWE-287: Improper Authentication •
CVSS: 8.6EPSS: 0%CPEs: 332EXPL: 0CVE-2025-20315
https://notcve.org/view.php?id=CVE-2025-20315
24 Sep 2025 — A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, causing a denial of service (DoS) condition. This vulnerability is due to improper handling of malformed Control and Provisioning of Wireless Access Points (CAPWAP) packets. An attacker could exploit this vulnerability by sending malformed CAPWAP packets through an affected device. A successful exploit could allow the atta... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nbar-dos-LAvwTmeT • CWE-805: Buffer Access with Incorrect Length Value •
CVSS: 4.3EPSS: 0%CPEs: 69EXPL: 0CVE-2025-20365
https://notcve.org/view.php?id=CVE-2025-20365
24 Sep 2025 — A vulnerability in the IPv6 Router Advertisement (RA) packet processing of Cisco Access Point Software could allow an unauthenticated, adjacent attacker to modify the IPv6 gateway on an affected device. This vulnerability is due to a logic error in the processing of IPv6 RA packets that are received from wireless clients. An attacker could exploit this vulnerability by associating to a wireless network and sending a series of crafted IPv6 RA packets. A successful exploit could allow the attacker to temporar... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ipv6-gw-tUAzpn9O • CWE-940: Improper Verification of Source of a Communication Channel •
CVSS: 4.3EPSS: 0%CPEs: 69EXPL: 0CVE-2025-20364
https://notcve.org/view.php?id=CVE-2025-20364
24 Sep 2025 — A vulnerability in the Device Analytics action frame processing of Cisco Wireless Access Point (AP) Software could allow an unauthenticated, adjacent attacker to inject wireless 802.11 action frames with arbitrary information. This vulnerability is due to insufficient verification checks of incoming 802.11 action frames. An attacker could exploit this vulnerability by sending 802.11 Device Analytics action frames with arbitrary parameters. A successful exploit could allow the attacker to inject Device Analy... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-action-frame-inj-QqCNcz8H • CWE-346: Origin Validation Error •
CVSS: 8.6EPSS: 0%CPEs: 668EXPL: 0CVE-2025-20239
https://notcve.org/view.php?id=CVE-2025-20239
14 Aug 2025 — A vulnerability in the Internet Key Exchange Version 2 (IKEv2) feature of Cisco IOS Software, IOS XE Software, Secure Firewall Adaptive Security Appliance (ASA) Software, and Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition. This vulnerability is due to a lack of proper processing of IKEv2 packets. An attacker could exploit this vulnerability by sending crafted IKEv2 packets to an affected... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-DOESHWHy • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 5.0EPSS: 0%CPEs: 204EXPL: 0CVE-2025-20195
https://notcve.org/view.php?id=CVE-2025-20195
07 May 2025 — A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a CSRF attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an already authenticated user to follow a crafted link. A successful exploit could allow the attacker to clear the syslog, pa... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-multi-ARNHM4v6 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 5.5EPSS: 0%CPEs: 94EXPL: 0CVE-2025-20194
https://notcve.org/view.php?id=CVE-2025-20194
07 May 2025 — A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device. This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web-based management interface. A successful exploit could allow the attacker to read limited files from the underlying operating system or clear the syslog and licensing logs... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-multi-ARNHM4v6 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.8EPSS: 0%CPEs: 83EXPL: 0CVE-2025-20193
https://notcve.org/view.php?id=CVE-2025-20193
07 May 2025 — A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an authenticated, low-privileged, remote attacker to perform an injection attack against an affected device.r This vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending crafted input to the web-based management interface. A successful exploit could allow the attacker to read files from the underlying operating system. • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-multi-ARNHM4v6 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 6.7EPSS: 0%CPEs: 404EXPL: 0CVE-2025-20201
https://notcve.org/view.php?id=CVE-2025-20201
07 May 2025 — A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the unde... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.7EPSS: 0%CPEs: 404EXPL: 0CVE-2025-20200
https://notcve.org/view.php?id=CVE-2025-20200
07 May 2025 — A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the unde... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp • CWE-754: Improper Check for Unusual or Exceptional Conditions •