Cisco Products Multiple Vulnerabilities
Release Date: 9 May 2025
RISK: Medium Risk
TYPE: Security software and application - Security Software & Appliance
Multiple vulnerabilities were identified in Cisco products. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, security restriction bypass, sensitive information disclosure and data manipulation on the targeted system.
Impact
- Denial of Service
- Elevation of Privilege
- Remote Code Execution
- Security Restriction Bypass
- Information Disclosure
- Data Manipulation
System / Technologies affected
- 1000 Series Integrated Services Routers (ISRs)
- 1100 Series Integrated Service Routers (ISRs)
- 4000 Series ISRs
- 800 Series Industrial ISRs
- Catalyst 1000 Switches
- Catalyst 2960-L Series Switches
- Catalyst 2960CX Series Switches
- Catalyst 2960X Series Switches
- Catalyst 2960XR Series Switches
- Catalyst 3560CX Series Switches
- Catalyst 8200 Series Edge Platforms
- Catalyst 8300 Series Edge Platforms
- Catalyst 8500 Series Edge Platforms
- Catalyst 8500L Series Edge Platforms
- Catalyst 9100 Family of Access Points (COS-AP)
- Catalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400, and 9500 Series Switches
- Catalyst 9800 Embedded Wireless Controllers for Catalyst 9300, 9400, and 9500 Series Switches
- Catalyst 9800 Series Wireless Controllers
- Catalyst 9800-CL Wireless Controllers for Cloud
- CGR1000 Compute Modules
- Cisco ASA Software
- Cisco ASR 903 Aggregation Services Routers with RSP3C
- Cisco FTD Software
- Cisco IOS Software
- Cisco IOS XE Software
- Cisco IOS XE Software for WLCs
- Cisco WLC AireOS Software
- Embedded Wireless Controller on Catalyst 9100X Series Access Points
- Embedded Wireless Controller on Catalyst APs
- Embedded Wireless Controllers on Catalyst Access Points
- Embedded Wireless Controllers on Catalyst APs
- IC3000 Industrial Compute Gateways
- IE 2000 Series
- IE 4000 Series
- IE 4010 Series
- IE 5000 Series
- Integrated access points (APs) in Integrated Service Routers (ISR)1100 (Wi-Fi 6)
- IR510 WPAN Industrial Routers
- Wi-Fi 6 pluggable module for Catalyst IR1800 Rugged Series Routers
Solutions
Before installation of the software, please visit the vendor web-site for more details.
Apply fixes issued by the vendor:
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bootstrap-KfgxYgdh
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-user-del-hQxMpUDj
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-95Fqnf7b
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsgacl-pg6qfZk
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-netconf-nacm-bypass-TGZV9pmQ
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpv3-qKEYvzsy
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-multi-ARNHM4v6
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr903-rsp3-arp-dos-WmfzdvJZ
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c2960-3560-sboot-ZtqADrHq
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-cdp-dos-fpeks9K
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-http-privesc-wCRd5e3
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcpsn-dos-xBn8Mtks
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ikev1-dos-XHk3HzFC
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multiprod-ikev2-dos-gPctUqv2
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sisf-dos-ZGwt4DdY
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-twamp-kV4FHugn
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdinj-gVn3OKNC
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-p6Gvt6HL
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC
Vulnerability Identifier
- CVE-2025-20137
- CVE-2025-20140
- CVE-2025-20151
- CVE-2025-20154
- CVE-2025-20155
- CVE-2025-20162
- CVE-2025-20164
- CVE-2025-20181
- CVE-2025-20182
- CVE-2025-20186
- CVE-2025-20188
- CVE-2025-20189
- CVE-2025-20190
- CVE-2025-20191
- CVE-2025-20192
- CVE-2025-20193
- CVE-2025-20194
- CVE-2025-20195
- CVE-2025-20196
- CVE-2025-20197
- CVE-2025-20198
- CVE-2025-20199
- CVE-2025-20200
- CVE-2025-20201
- CVE-2025-20202
- CVE-2025-20214
Source
Related Link
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bootstrap-KfgxYgdh
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-user-del-hQxMpUDj
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-95Fqnf7b
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsgacl-pg6qfZk
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-netconf-nacm-bypass-TGZV9pmQ
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpv3-qKEYvzsy
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-multi-ARNHM4v6
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr903-rsp3-arp-dos-WmfzdvJZ
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c2960-3560-sboot-ZtqADrHq
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-cdp-dos-fpeks9K
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-http-privesc-wCRd5e3
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcpsn-dos-xBn8Mtks
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ikev1-dos-XHk3HzFC
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multiprod-ikev2-dos-gPctUqv2
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sisf-dos-ZGwt4DdY
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-twamp-kV4FHugn
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdinj-gVn3OKNC
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-p6Gvt6HL
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC
沒有留言:
發佈留言