Vulnerabilidades en Cisco

3214 resultados
Análisis Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2026-20058MEDIUMCisco Secure Firewall Threat Defense Software Snort 3 Visual Basic for Application Denial of Service VulnerabilityEPSS 0.4%CVE-2024-20392MEDIUMA vulnerability in the web-based management API of Cisco AsyncOS Software for Cisco Secure Email Gateway could allow an unauthenticated, remEPSS 0.4%CVE-2026-20185HIGHCisco SG350 and SG350X Series Managed Switches SNMP Denial of Service VunerabilityEPSS 0.4%CVE-2026-20216HIGHClamAV InstallShield File Format Processing Resource Exhaustion VulnerabilityEPSS 0.4%CVE-2026-20244HIGHClamAV DMG File Processing Denial of Service VulnerabilityEPSS 0.4%CVE-2026-20217HIGHClamAV PESpin File Format Processing Out-of-Bounds Memory Corruption VulnerabilityEPSS 0.4%CVE-2026-20215HIGHClamAV 7Zip File Format Processing Out-of-Bounds Memory Corruption VulnerabilityEPSS 0.4%CVE-2026-20243HIGHClamAV ALZ Archive Processing Denial of Service VulnerabilityEPSS 0.4%CVE-2023-20228MEDIUMA vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remoteEPSS 0.4%CVE-2026-20081MEDIUMCisco Unity Connection Arbitrary File Download VulnerabilityEPSS 0.4%CVE-2026-20078MEDIUMCisco Unity Connection Arbitrary File Download VulnerabilityEPSS 0.4%CVE-2021-1439HIGHCisco Aironet Access Points FlexConnect Multicast DNS Denial of Service VulnerabilityEPSS 0.4%CVE-2020-3602MEDIUMCisco StarOS Privilege Escalation VulnerabilityEPSS 0.4%CVE-2019-1656MEDIUMCisco Enterprise NFV Infrastructure Software Linux Shell Access VulnerabilityEPSS 0.4%CVE-2020-3545MEDIUMCisco FXOS Software Buffer Overflow VulnerabilityEPSS 0.4%CVE-2025-20269MEDIUMCisco Evolved Programmable Network Manager and Prime Infrastructure Arbitrary File Download VulnerabilityEPSS 0.4%CVE-2020-3423MEDIUMCisco IOS XE Software Arbitrary Code Execution VulnerabilityEPSS 0.4%CVE-2020-3152MEDIUMCisco Connected Mobile Experiences Privilege Escalation VulnerabilityEPSS 0.4%CVE-2024-20431MEDIUMA vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, rEPSS 0.4%CVE-2023-20229HIGHA vulnerability in the CryptoService function of Cisco Duo Device Health Application for Windows could allow an authenticated, local attackeEPSS 0.4%