Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1325 CNY

100%
Buy Us a Coffee

cisco — Vulnerabilities & Security Advisories 3206

Browse all 3206 CVE security advisories affecting cisco. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Cisco Systems operates as a global leader in networking hardware, software, and telecommunications services, providing critical infrastructure for enterprise connectivity and cloud security. With over 3,000 recorded CVEs, the company’s attack surface is extensive, reflecting the complexity of its diverse product portfolio. Historically, vulnerabilities frequently involve remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from legacy protocols or complex configuration interfaces. Notable incidents include the 2023 supply chain compromise affecting the Cisco AnyConnect Secure Mobility Client, which allowed attackers to bypass authentication mechanisms. These breaches highlight risks associated with widely deployed endpoint security agents. The sheer volume of disclosed issues underscores the challenges inherent in maintaining security across such a vast ecosystem of interconnected devices and software solutions, requiring rigorous patch management and continuous monitoring to mitigate potential exploitation by threat actors targeting critical network infrastructure.

Top products by cisco: Cisco Small Business RV Series Router Firmware Cisco IOS XE Software Cisco Adaptive Security Appliance (ASA) Software Cisco Identity Services Engine Software Cisco Firepower Management Center Cisco IOS XR Software Cisco Firepower Threat Defense Software Cisco NX-OS Software Cisco Data Center Network Manager Cisco SD-WAN vManage Cisco SD-WAN Solution Cisco Unified Communications Manager Cisco Webex Meetings Cisco Prime Infrastructure IOS Cisco Enterprise NFV Infrastructure Software Cisco IOS Cisco Catalyst SD-WAN Manager Cisco WebEx WRF Player Cisco Digital Network Architecture Center (DNA Center) Cisco Email Security Appliance (ESA) Cisco Aironet Access Point Software Cisco Unified Contact Center Express Cisco Secure Firewall Adaptive Security Appliance (ASA) Software Cisco Unified Computing System (Managed) Cisco Application Policy Infrastructure Controller (APIC) Cisco Unity Connection Cisco Wireless LAN Controller (WLC) Cisco Web Security Appliance (WSA) Cisco AnyConnect Secure Mobility Client
CVE IDTitleCVSSSeverityPublished
CVE-2025-20291 Cisco Webex Meetings 输入验证错误漏洞 — Cisco Webex MeetingsCWE-601 4.3 Medium2025-09-03
CVE-2025-20335 Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Arbitrary File Write Vulnerability — Cisco Session Initiation Protocol (SIP) SoftwareCWE-284 5.3 Medium2025-09-03
CVE-2025-20336 Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875 with SIP Firmware Information Disclosure Vulnerability — Cisco Session Initiation Protocol (SIP) SoftwareCWE-200 5.3 Medium2025-09-03
CVE-2025-20330 Cisco Unified Communications Manager IM and Presence Cross-Site Scripting Vulnerability — Cisco Unified Communications Manager IM and Presence ServiceCWE-79 6.1 Medium2025-09-03
CVE-2025-20280 Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability — Cisco Evolved Programmable Network Manager (EPNM)CWE-79 4.8 Medium2025-09-03
CVE-2025-20326 Cisco Unified Communications Manager Cross-Site Request Forgery Vulnerability — Cisco Unified Communications ManagerCWE-352 4.3 Medium2025-09-03
CVE-2025-20287 Cisco Evolved Programmable Network Manager Arbitrary File Upload Vulnerability — Cisco Evolved Programmable Network Manager (EPNM)CWE-434 4.3 Medium2025-09-03
CVE-2025-20270 Cisco Evolved Programmable Network Manager Information Disclosure Vulnerability — Cisco Evolved Programmable Network Manager (EPNM)CWE-200 4.3 Medium2025-09-03
CVE-2025-20241 Cisco Nexus 3000 and 9000 Series Switches IS-IS Protocol <TBD> Denial of Service Vulnerability — Cisco NX-OS SoftwareCWE-733 7.4 High2025-08-27
CVE-2025-20262 Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability — Cisco NX-OS SoftwareCWE-476 5.0 Medium2025-08-27
CVE-2025-20290 Cisco NXOS Software Sensitive Log Information Disclosure Vulnerability — Cisco NX-OS SoftwareCWE-200 5.5 Medium2025-08-27
CVE-2025-20292 Cisco NXOS Software Command Injection Vulnerability — Cisco NX-OS SoftwareCWE-78 4.4 Medium2025-08-27
CVE-2025-20295 Cisco UCS Manager Software Command Injection Vulnerability — Cisco Unified Computing System (Managed)CWE-78 6.0 Medium2025-08-27
CVE-2025-20294 Cisco UCS Manager Software Command Injection Vulnerability — Cisco Unified Computing System (Managed)CWE-78 6.5 Medium2025-08-27
CVE-2025-20317 Cisco UCS Virtual Keyboard Video Monitor (vKVM) Open Redirect Vulnerability — Cisco Unified Computing System (Managed)CWE-601 7.1 High2025-08-27
CVE-2025-20342 Cisco Integrated Management Controller Virtual Keyboard Video Monitor (vKVM) Stored Cross-Site Scripting Vulnerability — Cisco Unified Computing System (Managed)CWE-80 5.4 Medium2025-08-27
CVE-2025-20296 Cisco UCS Manager Software Stored Software Stored Cross-Site Scripting Vulnerability — Cisco Unified Computing System (Managed)CWE-79 5.4 -2025-08-27
CVE-2025-20348 Cisco Nexus Dashboard Unauthorized REST API Vulnerability — Cisco Nexus DashboardCWE-201 5.0 Medium2025-08-27
CVE-2025-20347 Cisco Nexus Dashboard Fabric Controller Unauthorized REST API Vulnerability — Cisco Data Center Network ManagerCWE-693 5.4 Medium2025-08-27
CVE-2025-20344 Cisco Nexus Dashboard Path Traversal Vulnerability — Cisco Nexus DashboardCWE-22 6.5 Medium2025-08-27
CVE-2025-20345 Cisco Duo Authentication Proxy Information Disclosure Vulnerability — Cisco Duo Authentication ProxyCWE-200 4.9 Medium2025-08-20
CVE-2025-20269 Cisco Evolved Programmable Network Manager and Prime Infrastructure Arbitrary File Download Vulnerability — Cisco Evolved Programmable Network Manager (EPNM)CWE-73 6.5 Medium2025-08-20
CVE-2025-20131 Cisco Identity Services Engine Arbitrary File Upload Vulnerability — Cisco Identity Services Engine SoftwareCWE-284 4.9 Medium2025-08-20
CVE-2025-20220 Cisco Secure Firewall Management Center和Cisco Secure Firewall Threat Defense 操作系统命令注入漏洞 — Cisco Firepower Management CenterCWE-78 6.0 Medium2025-08-14
CVE-2025-20306 Cisco Secure Firewall Management Center Software Command Injection Vulnerability — Cisco Firepower Management CenterCWE-77 4.9 Medium2025-08-14
CVE-2025-20302 Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerability — Cisco Firepower Management CenterCWE-862 4.3 Medium2025-08-14
CVE-2025-20301 Cisco Secure Firewall Management Center Software Authorization Bypass Vulnerability — Cisco Firepower Management CenterCWE-862 6.5 Medium2025-08-14
CVE-2025-20268 Cisco Secure Firewall Threat Defense Software Geolocation Remote Access VPN Bypass Vulnerability — Cisco Firepower Threat Defense SoftwareCWE-229 5.8 Medium2025-08-14
CVE-2025-20265 Cisco Secure Firewall Management Center Software Radius Remote Code Execution Vulnerability — Cisco Firepower Management CenterCWE-74 10.0 Critical2025-08-14
CVE-2025-20263 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Buffer Overflow Denial of Service Vulnerability — Cisco Adaptive Security Appliance (ASA) SoftwareCWE-680 8.6 High2025-08-14

This page lists every published CVE security advisory associated with cisco. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.