Vulnerabilidades em Cisco

3.214 resultados
Análise Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2020-3594HIGHCisco SD-WAN Software Privilege Escalation VulnerabilityEPSS 0.3%CVE-2020-3595HIGHCisco SD-WAN Software Privilege Escalation VulnerabilityEPSS 0.3%CVE-2023-20031MEDIUMA vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) SoftwaEPSS 0.3%CVE-2020-3593HIGHCisco SD-WAN Software Privilege Escalation VulnerabilityEPSS 0.3%CVE-2026-20100HIGHA vulnerability in the LUA interperter of the Remote Access SSL VPN feature of Cisco Secure Firewall Adaptive Security Appliance (ASA) SoftwEPSS 0.3%CVE-2021-34722MEDIUMCisco IOS XR Software Command Injection VulnerabilitiesEPSS 0.3%CVE-2020-3151MEDIUMCisco Connected Mobile Experiences Restricted Shell Escape VulnerabilityEPSS 0.3%CVE-2021-34719HIGHCisco IOS XR Software Authenticated User Privilege Escalation VulnerabilitiesEPSS 0.3%CVE-2026-20003MEDIUMA vulnerability in the REST API of Cisco Secure FMC Software could allow an authenticated, remote attacker to conduct SQL injection attacks EPSS 0.3%CVE-2020-3530HIGHCisco IOS XR Authenticated User Privilege Escalation VulnerabilityEPSS 0.3%CVE-2026-20125HIGHA vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote aEPSS 0.3%CVE-2021-1386HIGHCisco Advanced Malware Protection for Endpoints Windows Connector, ClamAV for Windows, and Immunet DLL Hijacking VulnerabilityEPSS 0.3%CVE-2021-1454MEDIUMCisco IOS XE SD-WAN Software Parameter Injection VulnerabilitiesEPSS 0.3%CVE-2022-20915HIGHCisco IOS XE Software IPv6 VPN over MPLS Denial of Service VulnerabilityEPSS 0.3%CVE-2025-20131MEDIUMCisco Identity Services Engine Arbitrary File Upload VulnerabilityEPSS 0.3%CVE-2022-20934MEDIUMA vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS Software could allow an authenticated, local attaEPSS 0.3%CVE-2021-34721MEDIUMCisco IOS XR Software Command Injection VulnerabilitiesEPSS 0.3%CVE-2025-20216MEDIUMCisco Catalyst SD-WAN Manager Reflected HTML Injection VulnerabilityEPSS 0.3%CVE-2020-3335MEDIUMCisco Application Services Engine Software Authorization VulnerabilityEPSS 0.3%CVE-2025-20305MEDIUMA vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to obtain sensitive informaEPSS 0.3%