Vulnerabilidades em Cisco

3.214 resultados
Análise Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2019-1630MEDIUMCisco Integrated Management Controller Denial of Service VulnerabilityEPSS 0.3%CVE-2024-20364MEDIUMA vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remoEPSS 0.3%CVE-2024-20391MEDIUMA vulnerability in the Network Access Manager (NAM) module of Cisco Secure Client could allow an unauthenticated attacker with physical acceEPSS 0.3%CVE-2022-20662MEDIUMCisco Duo for macOS Authentication Bypass VulnerabilityEPSS 0.3%CVE-2021-34729MEDIUMCisco IOS XE SD-WAN Software Command Injection VulnerabilityEPSS 0.3%CVE-2021-34725MEDIUMCisco IOS XE SD-WAN Software Command Injection VulnerabilityEPSS 0.3%CVE-2024-20476MEDIUMCisco Identity Services Engine Authorization Bypass VulnerabilityEPSS 0.3%CVE-2020-3455MEDIUMCisco FXOS Software for Firepower 4100/9300 Series Appliances Secure Boot Bypass VulnerabilityEPSS 0.3%CVE-2025-20306MEDIUMCisco Secure Firewall Management Center Software Command Injection VulnerabilityEPSS 0.3%CVE-2019-1815HIGHCisco Meraki MX67 and MX68 Sensitive Information Disclosure VulnerabilityEPSS 0.3%CVE-2021-1128MEDIUMCisco IOS XR Software Unauthorized Information Disclosure VulnerabilityEPSS 0.3%CVE-2019-1588MEDIUMCisco Nexus 9000 Series Fabric Switches Application-Centric Infrastructure Mode Arbitrary File Read VulnerabilityEPSS 0.3%CVE-2020-3393MEDIUMCisco IOS XE Software IOx Application Hosting Privilege Escalation VulnerabilityEPSS 0.3%CVE-2024-20326HIGHA vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could allow an authenticated, low-privileged, loEPSS 0.3%CVE-2022-20696HIGHCisco SD-WAN vManage Software Unauthenticated Access to Messaging Services VulnerabilityEPSS 0.3%CVE-2024-20463MEDIUMCisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection and Denial of Service VulnerabilityEPSS 0.3%CVE-2021-1432HIGHCisco IOS XE SD-WAN Software Arbitrary Command Execution VulnerabilityEPSS 0.3%CVE-2025-20285MEDIUMCisco Identity Services Engine IP Filter Access Restriction for Admin Access Configuration Bypass VulnerabilityEPSS 0.3%CVE-2026-20002HIGHA vulnerability in the web-based management interface of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct EPSS 0.3%CVE-2022-20855HIGHCisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points Privilege Escalation VulnerabilityEPSS 0.3%