CVSS: 5.0EPSS: 0%CPEs: 204EXPL: 0CVE-2025-20195
https://notcve.org/view.php?id=CVE-2025-20195
07 May 2025 — A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to perform a CSRF attack and execute commands on the CLI of an affected device. This vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an already authenticated user to follow a crafted link. A successful exploit could allow the attacker to clear the syslog, pa... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-multi-ARNHM4v6 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.7EPSS: 0%CPEs: 404EXPL: 0CVE-2025-20201
https://notcve.org/view.php?id=CVE-2025-20201
07 May 2025 — A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the unde... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.7EPSS: 0%CPEs: 404EXPL: 0CVE-2025-20200
https://notcve.org/view.php?id=CVE-2025-20200
07 May 2025 — A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the unde... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 4.6EPSS: 0%CPEs: 400EXPL: 0CVE-2025-20199
https://notcve.org/view.php?id=CVE-2025-20199
07 May 2025 — A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the unde... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp •
CVSS: 4.6EPSS: 0%CPEs: 332EXPL: 0CVE-2025-20198
https://notcve.org/view.php?id=CVE-2025-20198
07 May 2025 — A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the unde... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 6.7EPSS: 0%CPEs: 323EXPL: 0CVE-2025-20197
https://notcve.org/view.php?id=CVE-2025-20197
07 May 2025 — A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the unde... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp • CWE-20: Improper Input Validation •
CVSS: 5.3EPSS: 0%CPEs: 131EXPL: 0CVE-2025-20196
https://notcve.org/view.php?id=CVE-2025-20196
07 May 2025 — A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to cause t... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-95Fqnf7b • CWE-307: Improper Restriction of Excessive Authentication Attempts •
CVSS: 7.7EPSS: 0%CPEs: 189EXPL: 0CVE-2025-20192
https://notcve.org/view.php?id=CVE-2025-20192
07 May 2025 — A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The attacker must have valid IKEv1 VPN credentials to exploit this vulnerability. This vulnerability is due to improper validation of IKEv1 phase 2 parameters before the IPsec security association creation request is handed off to the hardware cryptographic accelerator of an affected device. An attacker could exploi... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ikev1-dos-XHk3HzFC • CWE-232: Improper Handling of Undefined Values •
CVSS: 7.4EPSS: 0%CPEs: 260EXPL: 0CVE-2025-20189
https://notcve.org/view.php?id=CVE-2025-20189
07 May 2025 — A vulnerability in the Cisco Express Forwarding functionality of Cisco IOS XE Software for Cisco ASR 903 Aggregation Services Routers with Route Switch Processor 3 (RSP3C) could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper memory management when Cisco IOS XE Software is processing Address Resolution Protocol (ARP) messages. An attacker could exploit this vulnerability by sending crafted ARP messages at a high rate over a pe... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr903-rsp3-arp-dos-WmfzdvJZ • CWE-762: Mismatched Memory Management Routines •
CVSS: 7.7EPSS: 0%CPEs: 1197EXPL: 0CVE-2025-20169 – Cisco IOS XE SNMP GET-NEXT ciscoFlashFileSize Unexpected Sign Extension Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20169
05 Feb 2025 — A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. This vulnerability affe... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-dos-sdxnSUcW • CWE-805: Buffer Access with Incorrect Length Value •