24h | 7d | 30d

CVE-2023-20198

Overview

  • Cisco
  • Cisco IOS XE Software
16 Oct 2023
Published
21 Oct 2025
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
94.01%
KEV

Description

Cisco is providing an update for the ongoing investigation into observed exploitation of the web UI feature in Cisco IOS XE Software. We are updating the list of fixed releases and adding the Software Checker. Our investigation has determined that the actors exploited two previously unknown issues. The attacker first exploited CVE-2023-20198 to gain initial access and issued a privilege 15 command to create a local user and password combination. This allowed the user to log in with normal user access. The attacker then exploited another component of the web UI feature, leveraging the new local user to elevate privilege to root and write the implant to the file system. Cisco has assigned CVE-2023-20273 to this issue. CVE-2023-20198 has been assigned a CVSS Score of 10.0. CVE-2023-20273 has been assigned a CVSS Score of 7.2. Both of these CVEs are being tracked by CSCwh87343.

Statistics

  • 1 Post
Last activity: 3 hours ago

Fediverse

Profile picture fallback
datatofu @drmorrisj

(  ̄▽ ̄)
[DYNAMIC-IMPUTE] Patched CVE-2010-3035 -> Inferred CWE-20 (Mode: worst_case) -> Synthetic CVSS: 9.8
[DYNAMIC-IMPUTE] Patched CVE-2020-3259 -> Inferred CWE-200 (Mode: worst_case) -> Synthetic CVSS: 8.2
[DYNAMIC-IMPUTE] Patched CVE-2022-20821 -> Inferred CWE-20 (Mode: worst_case) -> Synthetic CVSS: 9.8
[DYNAMIC-IMPUTE] Patched CVE-2023-20198 -> Inferred CWE-420 (Mode: worst_case) -> Synthetic CVSS: 9.5
[DYNAMIC-IMPUTE] Patched CVE-2018-0179 -> Inferred CWE-399 (Mode: worst_case) -> ...

  • 0
  • 0
  • 0
  • 3h ago

CVE-2022-20821

Overview

  • Cisco
  • Cisco IOS XR Software
26 May 2022
Published
21 Oct 2025
Updated
CVSS v3.1
MEDIUM (6.5)
EPSS
8.84%
KEV

Description

A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attacker could exploit this vulnerability by connecting to the Redis instance on the open port. A successful exploit could allow the attacker to write to the Redis in-memory database, write arbitrary files to the container filesystem, and retrieve information about the Redis database. Given the configuration of the sandboxed container that the Redis instance runs in, a remote attacker would be unable to execute remote code or abuse the integrity of the Cisco IOS XR Software host system.

Statistics

  • 1 Post
Last activity: 3 hours ago

Fediverse

Profile picture fallback
datatofu @drmorrisj

(  ̄▽ ̄)
[DYNAMIC-IMPUTE] Patched CVE-2010-3035 -> Inferred CWE-20 (Mode: worst_case) -> Synthetic CVSS: 9.8
[DYNAMIC-IMPUTE] Patched CVE-2020-3259 -> Inferred CWE-200 (Mode: worst_case) -> Synthetic CVSS: 8.2
[DYNAMIC-IMPUTE] Patched CVE-2022-20821 -> Inferred CWE-20 (Mode: worst_case) -> Synthetic CVSS: 9.8
[DYNAMIC-IMPUTE] Patched CVE-2023-20198 -> Inferred CWE-420 (Mode: worst_case) -> Synthetic CVSS: 9.5
[DYNAMIC-IMPUTE] Patched CVE-2018-0179 -> Inferred CWE-399 (Mode: worst_case) -> ...

  • 0
  • 0
  • 0
  • 3h ago

CVE-2018-0179

Overview

  • Cisco IOS
28 Mar 2018
Published
12 Jan 2026
Updated
CVSS
Pending
EPSS
2.03%
KEV

Description

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. These vulnerabilities affect Cisco devices that are running Cisco IOS Software Release 15.4(2)T, 15.4(3)M, or 15.4(2)CG and later. Cisco Bug IDs: CSCuy32360, CSCuz60599.

Statistics

  • 1 Post
Last activity: 3 hours ago

Fediverse

Profile picture fallback
datatofu @drmorrisj

(  ̄▽ ̄)
[DYNAMIC-IMPUTE] Patched CVE-2010-3035 -> Inferred CWE-20 (Mode: worst_case) -> Synthetic CVSS: 9.8
[DYNAMIC-IMPUTE] Patched CVE-2020-3259 -> Inferred CWE-200 (Mode: worst_case) -> Synthetic CVSS: 8.2
[DYNAMIC-IMPUTE] Patched CVE-2022-20821 -> Inferred CWE-20 (Mode: worst_case) -> Synthetic CVSS: 9.8
[DYNAMIC-IMPUTE] Patched CVE-2023-20198 -> Inferred CWE-420 (Mode: worst_case) -> Synthetic CVSS: 9.5
[DYNAMIC-IMPUTE] Patched CVE-2018-0179 -> Inferred CWE-399 (Mode: worst_case) -> ...

  • 0
  • 0
  • 0
  • 3h ago

CVE-2020-3153

Overview

  • Cisco
  • Cisco AnyConnect Secure Mobility Client
19 Feb 2020
Published
21 Oct 2025
Updated
CVSS v3.0
MEDIUM (6.5)
EPSS
25.09%
KEV

Description

A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.

Statistics

  • 2 Posts
Last activity: 3 hours ago

Fediverse

Profile picture fallback
datatofu @drmorrisj

orz
Filtering 40 nodes for attack surface...
[MATH-GUARD] Warning: CVE-2019-15271 isolated from CAPEC. Applying unmapped floor: 2.2
[MATH-GUARD] Warning: CVE-2020-3153 isolated from CAPEC. Applying unmapped floor: 1.6
[MATH-GUARD] Warning: CVE-2020-3433 isolated from CAPEC. Applying unmapped floor: 1.9
[MATH-GUARD] Warning: CVE-2023-20269 isolated from CAPEC. Applying unmapped floor: 1.2
[MATH-GUARD] Warning: CVE-2024-20353 isolated from CAPEC. Applying unmapped floor: 2.1
[MATH-GUARD] ...

  • 0
  • 0
  • 0
  • 3h ago
Profile picture fallback
datatofu @drmorrisj

(ノ-_-)ノ~┻━┻
Warning: CVE-2019-15271 (CWEs: ['CWE-502']) found no CAPEC relationships.
Warning: CVE-2020-3153 (CWEs: ['CWE-427']) found no CAPEC relationships.
Warning: CVE-2020-3433 (CWEs: ['CWE-427']) found no CAPEC relationships.
Warning: CVE-2023-20269 (CWEs: ['CWE-288', 'CWE-863']) found no CAPEC relationships.
Warning: CVE-2024-20353 (CWEs: ['CWE-835']) found no CAPEC relationships.
Warning: CVE-2025-20362 (CWEs: ['CWE-862']) found no CAPEC relationships.
Warning: CVE-2026-20127 (CWEs...

  • 0
  • 0
  • 0
  • 3h ago

CVE-2025-20362

Overview

  • Cisco
  • Cisco Secure Firewall Adaptive Security Appliance (ASA) Software
25 Sep 2025
Published
26 Feb 2026
Updated
CVSS v3.1
MEDIUM (6.5)
EPSS
46.78%
KEV

Description

Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial of service (DoS) conditions. Cisco strongly recommends that all customers upgrade to the fixed software releases that are listed in the Fixed Software ["#fs"] section of this advisory. A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication.

Statistics

  • 1 Post
Last activity: 3 hours ago

Fediverse

Profile picture fallback
datatofu @drmorrisj

(ノ-_-)ノ~┻━┻
Warning: CVE-2019-15271 (CWEs: ['CWE-502']) found no CAPEC relationships.
Warning: CVE-2020-3153 (CWEs: ['CWE-427']) found no CAPEC relationships.
Warning: CVE-2020-3433 (CWEs: ['CWE-427']) found no CAPEC relationships.
Warning: CVE-2023-20269 (CWEs: ['CWE-288', 'CWE-863']) found no CAPEC relationships.
Warning: CVE-2024-20353 (CWEs: ['CWE-835']) found no CAPEC relationships.
Warning: CVE-2025-20362 (CWEs: ['CWE-862']) found no CAPEC relationships.
Warning: CVE-2026-20127 (CWEs...

  • 0
  • 0
  • 0
  • 3h ago

CVE-2026-20127

Overview

  • Cisco
  • Cisco Catalyst SD-WAN Manager
25 Feb 2026
Published
26 Feb 2026
Updated
CVSS v3.1
CRITICAL (10.0)
EPSS
54.80%
KEV

Description

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not working properly. An attacker could exploit this vulnerability by sending crafted requests to an affected system. A successful exploit could allow the attacker to log in to an affected Cisco Catalyst SD-WAN Controller as an internal, high-privileged, non-root user account. Using this account, the attacker could access NETCONF, which would then allow the attacker to manipulate network configuration for the SD-WAN fabric. 

Statistics

  • 1 Post
Last activity: 3 hours ago

Fediverse

Profile picture fallback
datatofu @drmorrisj

(ノ-_-)ノ~┻━┻
Warning: CVE-2019-15271 (CWEs: ['CWE-502']) found no CAPEC relationships.
Warning: CVE-2020-3153 (CWEs: ['CWE-427']) found no CAPEC relationships.
Warning: CVE-2020-3433 (CWEs: ['CWE-427']) found no CAPEC relationships.
Warning: CVE-2023-20269 (CWEs: ['CWE-288', 'CWE-863']) found no CAPEC relationships.
Warning: CVE-2024-20353 (CWEs: ['CWE-835']) found no CAPEC relationships.
Warning: CVE-2025-20362 (CWEs: ['CWE-862']) found no CAPEC relationships.
Warning: CVE-2026-20127 (CWEs...

  • 0
  • 0
  • 0
  • 3h ago
Showing 41 to 46 of 46 CVEs