Tag: Cisco IOS XE
Cisco IOS and IOS XE Software Vulnerability Exploited in the Wild (CVE-2025-20352)
Cisco released a security advisory to address an actively exploited vulnerability, tracked as CVE-2025-20352, impacting Cisco IOS and IOS XE Software. Successful exploitation of the vulnerability may allow a low-privileged attacker to cause the affected system to reload, resulting in a DoS condition. A high-privileged attacker may execute arbitrary code as the root user and …
Cisco IOS XE Wireless Controller Software Arbitrary File Upload Vulnerability (CVE-2025-20188)
Cisco released a security advisory to address a vulnerability in its IOS XE Wireless Controller that could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. Tracked as CVE-2025-20188, the vulnerability has a critical severity rating with a CVSS score of 10.
Cisco IOS XE Software Web UI Privilege Escalation Vulnerability Exploited in the Wild (CVE-2023-20198)
Cisco is aware of the active exploitation of a privilege escalation vulnerability in Cisco IOS XE Software Web UI. Tracked as CVE-2023-20198, the vulnerability may allow a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. An attacker may use the compromised account to gain control of the …