cisco
Cisco warns of max severity Secure FMC flaws giving root access
Cisco has released security updates to patch two maximum-severity vulnerabilities in its Secure Firewall Management Center (FMC) software. Secure FMC is a web or SSH-based interface for admins to manage Cisco firewalls and configure application control, intrusion prevention, URL filtering, and advanced malware protection. Both vulnerabilities can be exploited remotely by unauthenticated attackers: the authentication […]
Critical Cisco SD-WAN bug exploited in zero-day attacks since 2023
Cisco is warning that a critical authentication bypass vulnerability in Cisco Catalyst SD-WAN, tracked as CVE-2026-20127, was actively exploited in zero-day attacks that allowed remote attackers to compromise controllers and add malicious rogue peers to targeted networks. CVE-2026-20127 has a maximum severity of 10.0 and impacts Cisco Catalyst SD-WAN Controller (formerly vSmart) and Cisco Catalyst […]
Cisco fixes Unified Communications RCE zero day exploited in attacks
Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as CVE-2026-20045, that has been actively exploited as a zero-day in attacks. Tracked as CVE-2026-20045, the flaw impacts Cisco Unified Communications Manager (Unified CM), Unified CM Session Management Edition (SME), Unified CM IM & Presence, Cisco Unity Connection, and Webex Calling Dedicated […]
Cisco finally fixes AsyncOS zero-day exploited since November
Cisco has finally patched a maximum-severity Cisco AsyncOS zero-day exploited in attacks against Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances since November 2025. As Cisco explained in December, when it disclosed the vulnerability (CVE-2025-20393), it affects only Cisco SEG and Cisco SEWM appliances with non-standard configurations when the Spam Quarantine […]
Cisco switches hit by reboot loops due to DNS client bug
Multiple Cisco switch models are suddenly experiencing reboot loops after logging fatal DNS client errors, according to reports seen by GeekFeed. Starting at approximately 2 AM, what appears to be a firmware bug in the switches’ internal DNS client service began treating DNS lookup failures as fatal errors, causing affected devices to reboot repeatedly. Switches […]
Cisco warns of Identity Service Engine flaw with exploit code
Cisco has patched a vulnerability in its Identity Services Engine (ISE) network access control solution, with public proof-of-concept exploit code, that can be abused by attackers with admin privileges. Enterprise admins use Cisco ISE to manage endpoint, user, and device access to network resources while enforcing a zero-trust architecture. The security flaw (CVE-2026-20029) affects Cisco […]
New password spraying attacks target Cisco, PAN VPN gateways
An automated campaign is targeting multiple VPN platforms, with credential-based attacks being observed on Palo Alto Networks GlobalProtect and Cisco SSL VPN. On December 11, threat monitoring platform GreyNoise observed the number of login attempts aimed at GlobalProtect portals peaked at 1.7 million during a period of 16 hours. Collected data showed that the attacks originated from […]
Cisco warns of unpatched AsyncOS zero-day exploited in attacks
Cisco warned customers today of an unpatched, maximum-severity Cisco AsyncOS zero-day actively exploited in attacks targeting Secure Email Gateway (SEG) and Secure Email and Web Manager (SEWM) appliances. This yet-to-be-patched zero-day (CVE-2025-20393) affects only Cisco SEG and Cisco SEWM appliances with non-standard configurations, when the Spam Quarantine feature is enabled and exposed on the Internet. […]
CISA warns feds to fully patch actively exploited Cisco flaws
CISA warned U.S. federal agencies to fully patch two actively exploited vulnerabilities in Cisco Adaptive Security Appliances (ASA) and Firepower devices. Tracked as CVE-2025-20362 and CVE-2025-20333, these security flaws allow remote threat actors to access restricted URL endpoints without authentication and gain code execution on vulnerable Cisco firewall devices, respectively. If chained, they can enable unauthenticated attackers to […]
Cisco: Actively exploited firewall flaws now abused for DoS attacks
Cisco warned this week that two vulnerabilities, which have been used in zero-day attacks, are now being exploited to force ASA and FTD firewalls into reboot loops. The tech giant released security updates on September 25 to address the two security flaws, stating that CVE-2025-20362 enables remote threat actors to access restricted URL endpoints without authentication, while CVE-2025-20333 allows authenticated attackers […]