Vulnerabilidades em Cisco

3.214 resultados
Análise Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2023-20063HIGHCisco Cisco Firepower Threat Defense Software and Cisco Firepower Management Center Code Injection VulnerabilityEPSS 0.2%CVE-2021-1430HIGHCisco AnyConnect Secure Mobility Client for Windows DLL and Executable Hijacking VulnerabilitiesEPSS 0.2%CVE-2021-1376MEDIUMCisco IOS XE Software Fast Reload VulnerabilitiesEPSS 0.2%CVE-2019-1762MEDIUMCisco IOS and IOS XE Software Information Disclosure VulnerabilityEPSS 0.2%CVE-2021-1375MEDIUMCisco IOS XE Software Fast Reload VulnerabilitiesEPSS 0.2%CVE-2025-20347MEDIUMCisco Nexus Dashboard Fabric Controller Unauthorized REST API VulnerabilityEPSS 0.2%CVE-2022-20930MEDIUMCisco SD-WAN Software Arbitrary File Corruption VulnerabilityEPSS 0.2%CVE-2023-20251MEDIUMA vulnerability in the memory buffer of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attackeEPSS 0.2%CVE-2022-20734MEDIUMCisco SD-WAN vManage Software Information Disclosure VulnerabilityEPSS 0.2%CVE-2021-1423MEDIUMCisco Aironet Access Points Arbitrary File Overwrite VulnerabilityEPSS 0.2%CVE-2024-20347MEDIUMA vulnerability in Cisco Emergency Responder could allow an unauthenticated, remote attacker to conduct a CSRF attack, which could allow theEPSS 0.2%CVE-2021-1434MEDIUMCisco IOS XE SD-WAN Software Arbitrary File Corruption VulnerabilityEPSS 0.2%CVE-2021-34745HIGHAppDynamics .NET Agent Privilege Escalation VulnerabilityEPSS 0.2%CVE-2021-1512MEDIUMCisco SD-WAN Software Arbitrary File Corruption VulnerabilityEPSS 0.2%CVE-2021-1544MEDIUMCisco Webex Meetings Client Software Logging Information Disclosure VulnerabilityEPSS 0.2%CVE-2026-20061MEDIUMCisco Unity Connection SQL Injection VulnerabilityEPSS 0.2%CVE-2025-20137MEDIUMA vulnerability in the access control list (ACL) programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and CiscoEPSS 0.2%CVE-2019-1729MEDIUMCisco NX-OS Software Arbitrary File Overwrite VulnerabilityEPSS 0.2%CVE-2024-20289MEDIUMCisco NX-OS Software Command Injection VulnerabilityEPSS 0.2%CVE-2025-20141HIGHCisco IOS XR Software Release 7.9.2 Denial of Service VulnerabillityEPSS 0.2%