Vulnerabilidades en Cisco

3214 resultados
Análisis Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2020-3394HIGHCisco Nexus 3000 and 9000 Series Switches Privilege Escalation VulnerabilityEPSS 0.3%CVE-2020-3477MEDIUMCisco IOS and IOS XE Software Information Disclosure VulnerabilityEPSS 0.3%CVE-2025-20262MEDIUMCisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service VulnerabilityEPSS 0.3%CVE-2020-3396MEDIUMCisco IOS XE Software IOx Guest Shell USB SSD Namespace Protection Privilege Escalation VulnerabilityEPSS 0.3%CVE-2022-20826MEDIUMA vulnerability in the secure boot implementation of Cisco Secure Firewalls 3100 Series that are running Cisco Adaptive Security Appliance (EPSS 0.3%CVE-2025-20288MEDIUMCisco Unified Intelligence Center Server-Side Request Forgery VulnerabilityEPSS 0.3%CVE-2024-20530MEDIUMCisco Identity Services Engine Reflected Cross-Site Scripting VulnerabilityEPSS 0.3%CVE-2025-20144MEDIUMCisco IOS XR Software Access Control List Bypass VulnerabilityEPSS 0.3%CVE-2020-3416MEDIUMCisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution VulnerabilitiesEPSS 0.3%CVE-2024-20497MEDIUMCisco Expressway Edge Improper Authorization VulnerabilityEPSS 0.3%CVE-2020-3208MEDIUMCisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers Image Verification Bypass VulnerabilityEPSS 0.3%CVE-2024-20303HIGHA vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauEPSS 0.3%CVE-2020-3513MEDIUMCisco IOS XE Software for Cisco ASR 900 Series Route Switch Processor 3 Arbitrary Code Execution VulnerabilitiesEPSS 0.3%CVE-2019-1919HIGHCisco FindIT Network Management Software Static Credentials VulnerabilityEPSS 0.3%CVE-2021-1485MEDIUMCisco IOS XR Software Command Injection VulnerabilityEPSS 0.3%CVE-2019-1911MEDIUMCisco Unified Communications Domain Manager Restricted Shell Escape VulnerabilityEPSS 0.3%CVE-2020-27129MEDIUMCisco SD-WAN vManage Software Command Injection VulnerabilityEPSS 0.3%CVE-2021-1233MEDIUMCisco SD-WAN Information Disclosure VulnerabilityEPSS 0.3%CVE-2020-3344MEDIUMCisco AMP for Endpoints Linux Connector and AMP for Endpoints Mac Connector Software Memory Buffer VulnerabilityEPSS 0.3%CVE-2020-3343MEDIUMCisco AMP for Endpoints Linux Connector and AMP for Endpoints Mac Connector Software Memory Buffer VulnerabilityEPSS 0.3%