Vulnerabilidades em Cisco

3.214 resultados
Análise Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2025-20202HIGHA vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service EPSS 0.2%CVE-2020-26071HIGHCisco SD-WAN vEdge Arbitrary File Creation VulnerabilityEPSS 0.2%CVE-2023-20274MEDIUMA vulnerability in the installer script of Cisco AppDynamics PHP Agent could allow an authenticated, local attacker to elevate privileges onEPSS 0.2%CVE-2024-20306MEDIUMA vulnerability in the Unified Threat Defense (UTD) configuration CLI of Cisco IOS XE Software could allow an authenticated, local attacker EPSS 0.2%CVE-2022-20929HIGHA vulnerability in the upgrade signature verification of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticatedEPSS 0.2%CVE-2026-20063MEDIUMCisco Secure FTD Software Authenticated Command Injection VulnerabilityEPSS 0.2%CVE-2025-20311HIGHA vulnerability in the handling of certain Ethernet frames in Cisco IOS XE Software for Catalyst 9000 Series Switches could allow an unautheEPSS 0.2%CVE-2026-20024MEDIUMA vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacEPSS 0.2%CVE-2019-1808MEDIUMCisco MDS 9700 Series Multilayer Directors and Nexus 7000/7700 Series Switches Software Patch Signature Verification VulnerabilityEPSS 0.2%CVE-2025-20293MEDIUMA vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud (9800-CL) coulEPSS 0.2%CVE-2025-20135MEDIUMCisco Adaptive Security Appliance and Firepower Threat Defense Software DHCP Denial of Service VulnerabilityEPSS 0.2%CVE-2023-20193MEDIUMA vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbEPSS 0.2%CVE-2020-26074HIGHCisco SD-WAN vManage Privilege Escalation VulnerabilityEPSS 0.2%CVE-2026-20233MEDIUMCisco Webex Meetings Cross-Site Scripting VulnerabilityEPSS 0.2%CVE-2026-20085MEDIUMCisco Integrated Management Controller Cross-Site Scripting VulnerabilityEPSS 0.2%CVE-2025-20185LOWCisco Secure Email and Web Manager, Secure Email Gateway, and Secure Web Appliance Privilege Escalation VulnerabilityEPSS 0.2%CVE-2021-34708MEDIUMCisco IOS XR Software for Cisco 8000 and Network Convergence System 540 Series Routers Image Verification VulnerabilitiesEPSS 0.2%CVE-2019-16000MEDIUMCisco Umbrella Roaming Client for Windows Install VulnerabilityEPSS 0.2%CVE-2024-20461MEDIUMCisco ATA 190 Series Analog Telephone Adapter Firmware Command Injection VulnerabilityEPSS 0.2%CVE-2019-1809MEDIUMCisco NX-OS Software Patch Signature Verification Bypass VulnerabilityEPSS 0.2%