Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Cisco — Vulnerabilities & Security Advisories 3188

Browse all 3188 CVE security advisories affecting Cisco. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Cisco Systems operates as a global leader in networking hardware, software, and telecommunications services, providing critical infrastructure for enterprise connectivity and cloud security. With over 3,000 recorded CVEs, the company’s attack surface is extensive, reflecting the complexity of its diverse product portfolio. Historically, vulnerabilities frequently involve remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from legacy protocols or complex configuration interfaces. Notable incidents include the 2023 supply chain compromise affecting the Cisco AnyConnect Secure Mobility Client, which allowed attackers to bypass authentication mechanisms. These breaches highlight risks associated with widely deployed endpoint security agents. The sheer volume of disclosed issues underscores the challenges inherent in maintaining security across such a vast ecosystem of interconnected devices and software solutions, requiring rigorous patch management and continuous monitoring to mitigate potential exploitation by threat actors targeting critical network infrastructure.

Top products by Cisco: Cisco Small Business RV Series Router Firmware Cisco IOS XE Software Cisco Adaptive Security Appliance (ASA) Software Cisco Identity Services Engine Software Cisco Firepower Management Center Cisco IOS XR Software Cisco Firepower Threat Defense Software Cisco NX-OS Software Cisco Data Center Network Manager Cisco SD-WAN vManage Cisco SD-WAN Solution Cisco Webex Meetings Cisco Unified Communications Manager Cisco Prime Infrastructure IOS Cisco Enterprise NFV Infrastructure Software Cisco IOS Cisco WebEx WRF Player Cisco Digital Network Architecture Center (DNA Center) Cisco Catalyst SD-WAN Manager Cisco Email Security Appliance (ESA) Cisco Unified Contact Center Express Cisco Aironet Access Point Software Cisco Secure Firewall Adaptive Security Appliance (ASA) Software Cisco Unified Computing System (Managed) Cisco Application Policy Infrastructure Controller (APIC) Cisco Unity Connection Cisco Wireless LAN Controller (WLC) Cisco Web Security Appliance (WSA) Cisco AnyConnect Secure Mobility Client
CVE IDTitleCVSSSeverityPublished
CVE-2025-20135 Cisco Adaptive Security Appliance and Firepower Threat Defense Software DHCP Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-401 4.3 Medium2025-08-14
CVE-2025-20127 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software for Firepower 3100 and 4200 Series TLS Cipher Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-404 7.7 High2025-08-14
CVE-2025-20134 Cisco Adaptive Security Appliance and Firepower Threat Defense Software SSL/TLS Certificate Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-415 8.6 High2025-08-14
CVE-2025-20133 Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Authentication Targeted Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-401 8.6 High2025-08-14
CVE-2025-20215 Cisco Webex Meeting Client Join Certificate Validation Vulnerability — Cisco Webex MeetingsCWE-295 5.4 Medium2025-08-06
CVE-2025-20332 Cisco Identity Services Engine Authorization Bypass Vulnerability — Cisco Identity Services Engine SoftwareCWE-863 4.3 Medium2025-08-06
CVE-2025-20331 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabiliy — Cisco Identity Services Engine SoftwareCWE-80 5.4 Medium2025-08-06
CVE-2025-20337 Cisco ISE API Unauthenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine SoftwareCWE-74 10.0 Critical2025-07-16
CVE-2025-20285 Cisco Identity Services Engine IP Filter Access Restriction for Admin Access Configuration Bypass Vulnerability — Cisco Identity Services Engine SoftwareCWE-302 4.1 Medium2025-07-16
CVE-2025-20288 Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability — Cisco Unified Contact Center ExpressCWE-918 5.8 Medium2025-07-16
CVE-2025-20284 Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine SoftwareCWE-74 6.5 Medium2025-07-16
CVE-2025-20283 Cisco Identity Services Engine Authenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine SoftwareCWE-74 6.5 Medium2025-07-16
CVE-2025-20274 Cisco Unified Intelligence Center Arbitrary File Upload Vulnerability — Cisco Unified Contact Center ExpressCWE-434 6.3 Medium2025-07-16
CVE-2025-20272 Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Blind SQL Injection Vulnerability — Cisco Evolved Programmable Network Manager (EPNM)CWE-89 4.3 Medium2025-07-16
CVE-2025-20309 Cisco Unified Communications Manager Static SSH Credentials Vulnerability — Cisco Unified Communications ManagerCWE-798 10.0 Critical2025-07-02
CVE-2025-20307 Cisco BroadWorks Application Delivery Platform Cross-Site Scripting Vulnerability — Cisco BroadWorksCWE-79 4.8 Medium2025-07-02
CVE-2025-20310 Cisco Enterprise Chat and Email Stored Cross-Site Scripting Vulnerability — Cisco Enterprise Chat and EmailCWE-79 6.1 Medium2025-07-02
CVE-2025-20308 Cisco Spaces Connector Privilege Escalation Vulnerability — Cisco DNA Spaces ConnectorCWE-78 6.0 Medium2025-07-02
CVE-2025-20282 Cisco ISE API Unauthenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine SoftwareCWE-269 10.0 Critical2025-06-25
CVE-2025-20281 Cisco ISE API Unauthenticated Remote Code Execution Vulnerability — Cisco Identity Services Engine SoftwareCWE-74 10.0 Critical2025-06-25
CVE-2025-20264 Cisco Identity Services Engine Authorization Bypass Vulnerability — Cisco Identity Services Engine SoftwareCWE-285 6.4 Medium2025-06-25
CVE-2025-20260 ClamAV PDF Scanning Buffer Overflow Vulnerability — ClamAVCWE-122 9.8 Critical2025-06-18
CVE-2025-20271 Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service Vulnerability — Cisco Meraki MX FirmwareCWE-457 8.6 High2025-06-18
CVE-2025-20234 ClamAV UDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability — Cisco Secure EndpointCWE-125 5.3 Medium2025-06-18
CVE-2025-20259 Cisco ThousandEyes Endpoint Agent for Windows Arbitrary File Write Vulnerability — Cisco ThousandEyes Endpoint AgentCWE-22 5.3 Medium2025-06-04
CVE-2025-20286 ISE on AWS Static Credential — Cisco Identity Services Engine SoftwareCWE-259 9.9 Critical2025-06-04
CVE-2025-20279 Cisco Unifed Contact Center Express Stored Cross-Site Scripting Vulnerability — Cisco Unified Contact Center ExpressCWE-79 4.8 Medium2025-06-04
CVE-2025-20278 Cisco Unified Communications Products Command Injection Vulnerability — Cisco FinesseCWE-77 6.0 Medium2025-06-04
CVE-2025-20277 Cisco Unified Contact Center Express Path Traversal Vulnerability — Cisco Unified Contact Center ExpressCWE-22 3.4 Low2025-06-04
CVE-2025-20276 Cisco Unified Contact Center Express Remote Code Execution Vulnerability — Cisco Unified Contact Center ExpressCWE-502 3.8 Low2025-06-04

This page lists every published CVE security advisory associated with Cisco. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.