Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

Cisco — Vulnerabilities & Security Advisories 3196

Browse all 3196 CVE security advisories affecting Cisco. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Cisco Systems operates as a global leader in networking hardware, software, and telecommunications services, providing critical infrastructure for enterprise connectivity and cloud security. With over 3,000 recorded CVEs, the company’s attack surface is extensive, reflecting the complexity of its diverse product portfolio. Historically, vulnerabilities frequently involve remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from legacy protocols or complex configuration interfaces. Notable incidents include the 2023 supply chain compromise affecting the Cisco AnyConnect Secure Mobility Client, which allowed attackers to bypass authentication mechanisms. These breaches highlight risks associated with widely deployed endpoint security agents. The sheer volume of disclosed issues underscores the challenges inherent in maintaining security across such a vast ecosystem of interconnected devices and software solutions, requiring rigorous patch management and continuous monitoring to mitigate potential exploitation by threat actors targeting critical network infrastructure.

Top products by Cisco: Cisco Small Business RV Series Router Firmware Cisco IOS XE Software Cisco Adaptive Security Appliance (ASA) Software Cisco Identity Services Engine Software Cisco Firepower Management Center Cisco IOS XR Software Cisco Firepower Threat Defense Software Cisco NX-OS Software Cisco Data Center Network Manager Cisco SD-WAN vManage Cisco SD-WAN Solution Cisco Webex Meetings Cisco Unified Communications Manager Cisco Prime Infrastructure IOS Cisco Enterprise NFV Infrastructure Software Cisco IOS Cisco Catalyst SD-WAN Manager Cisco WebEx WRF Player Cisco Digital Network Architecture Center (DNA Center) Cisco Email Security Appliance (ESA) Cisco Unified Contact Center Express Cisco Aironet Access Point Software Cisco Secure Firewall Adaptive Security Appliance (ASA) Software Cisco Unified Computing System (Managed) Cisco Application Policy Infrastructure Controller (APIC) Cisco Unity Connection Cisco Wireless LAN Controller (WLC) Cisco Web Security Appliance (WSA) Cisco AnyConnect Secure Mobility Client
CVE IDTitleCVSSSeverityPublished
CVE-2025-20225 Cisco多款产品 安全漏洞 — IOSCWE-401 5.8 Medium2025-08-14
CVE-2025-20224 Cisco Secure Firewall Adaptive Security Appliance和Cisco Secure Firewall Threat Defense 安全漏洞 — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-401 5.8 Medium2025-08-14
CVE-2025-20222 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Buffer Vulnerability — Cisco Firepower Threat Defense SoftwareCWE-120 8.6 High2025-08-14
CVE-2025-20219 Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Access Control Bypass Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-284 5.3 Medium2025-08-14
CVE-2025-20218 Cisco Secure Firepower Management Center Software XPATH Injection Vulnerability — Cisco Firepower Management CenterCWE-643 4.9 Medium2025-08-14
CVE-2025-20217 Cisco Firepower Threat Defense Intrusion Detection Denial of Service Vulnerability — Cisco Firepower Threat Defense SoftwareCWE-835 8.6 High2025-08-14
CVE-2025-20148 Cisco Secure Firewall Management Center HTML Injection Vulnerability — Cisco Firepower Management CenterCWE-20 8.5 High2025-08-14
CVE-2025-20136 Cisco Adaptive Security Appliance and Firepower Threat Defense Software Network Address Translation DNS Inspection Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-835 8.6 High2025-08-14
CVE-2025-20135 Cisco Adaptive Security Appliance and Firepower Threat Defense Software DHCP Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-401 4.3 Medium2025-08-14
CVE-2025-20133 Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Authentication Targeted Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-401 8.6 High2025-08-14
CVE-2025-20134 Cisco Adaptive Security Appliance and Firepower Threat Defense Software SSL/TLS Certificate Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-415 8.6 High2025-08-14
CVE-2025-20127 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 3100 and 4200 Series TLS Cipher Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-404 7.7 High2025-08-14
CVE-2025-20215 Cisco Webex Meeting Client Join Certificate Validation Vulnerability — Cisco Webex MeetingsCWE-295 5.4 Medium2025-08-06
CVE-2025-20332 Cisco Identity Services Engine Authorization Bypass Vulnerability — Cisco Identity Services Engine SoftwareCWE-863 4.3 Medium2025-08-06
CVE-2025-20331 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabiliy — Cisco Identity Services Engine SoftwareCWE-80 5.4 Medium2025-08-06
CVE-2025-20337 Cisco ISE API Unauthenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine SoftwareCWE-74 10.0 Critical2025-07-16
CVE-2025-20285 Cisco Identity Services Engine IP Filter Access Restriction for Admin Access Configuration Bypass Vulnerability — Cisco Identity Services Engine SoftwareCWE-302 4.1 Medium2025-07-16
CVE-2025-20288 Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability — Cisco Unified Contact Center ExpressCWE-918 5.8 Medium2025-07-16
CVE-2025-20284 Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine SoftwareCWE-74 6.5 Medium2025-07-16
CVE-2025-20283 Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine SoftwareCWE-74 6.5 Medium2025-07-16
CVE-2025-20272 Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Blind SQL Injection Vulnerability — Cisco Evolved Programmable Network Manager (EPNM)CWE-89 4.3 Medium2025-07-16
CVE-2025-20274 Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability — Cisco Unified Contact Center ExpressCWE-434 6.3 Medium2025-07-16
CVE-2025-20309 Cisco Unified Communications Manager Static SSH Credentials Vulnerability — Cisco Unified Communications ManagerCWE-798 10.0 Critical2025-07-02
CVE-2025-20307 Cisco BroadWorks Application Delivery Platform Cross-Site Scripting Vulnerability — Cisco BroadWorksCWE-79 4.8 Medium2025-07-02
CVE-2025-20310 Cisco Enterprise Chat and Email Stored Cross-Site Scripting Vulnerability — Cisco Enterprise Chat and EmailCWE-79 6.1 Medium2025-07-02
CVE-2025-20308 Cisco Spaces Connector Privilege Escalation Vulnerability — Cisco DNA Spaces ConnectorCWE-78 6.0 Medium2025-07-02
CVE-2025-20282 Cisco ISE API Unauthenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine SoftwareCWE-269 10.0 Critical2025-06-25
CVE-2025-20264 Cisco Identity Services Engine Authorization Bypass Vulnerability — Cisco Identity Services Engine SoftwareCWE-285 6.4 Medium2025-06-25
CVE-2025-20281 Cisco ISE API Unauthenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine SoftwareCWE-74 10.0 Critical2025-06-25
CVE-2025-20260 ClamAV PDF Scanning Buffer Overflow Vulnerability — ClamAVCWE-122 9.8 Critical2025-06-18

This page lists every published CVE security advisory associated with Cisco. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.