Vulnerabilidades em Cisco

3.214 resultados
Análise Vexday

Com 3.204 CVEs catalogadas e 53 confirmadas em exploração ativa pelo CISA KEV, a taxa de exploração dos produtos Cisco está 3,7 vezes acima da média geral do catálogo, o que indica risco operacional significativamente elevado para organizações que dependem dessas tecnologias. Há ainda 199 vulnerabilidades de severidade crítica e 77 com prova de conceito pública disponível, ampliando a superfície de ataque explorável sem necessidade de capacidade ofensiva avançada. O tipo de falha mais recorrente é CWE-20 (validação de entrada inadequada), uma classe de vulnerabilidade frequentemente presente em componentes de rede e que tende a produzir impacto amplo quando explorada. A CVE mais perigosa em exploração ativa neste momento é CVE-2021-1498, com EPSS máximo de 1,0 — indicando probabilidade de exploração extremamente alta —, e deve ser tratada como prioridade imediata em qualquer processo de gestão de patches.

CVE-2026-20040HIGHCisco IOS XR Software CLI Privilege Escalation VulnerabilityEPSS 0.2%CVE-2021-34788HIGHCisco AnyConnect Secure Mobility Client for Linux and Mac OS with VPN Posture (HostScan) Module Shared Library Hijacking VulnerabilityEPSS 0.2%CVE-2023-20253HIGHA vulnerability in the command line interface (cli) management interface of Cisco SD-WAN vManage could allow an authenticated, local attackeEPSS 0.2%CVE-2026-20087MEDIUMCisco Integrated Management Controller Cross-Site Scripting VulnerabilityEPSS 0.2%CVE-2026-20091MEDIUMCisco UCS Manager and FXOS Software Stored Cross-Site Scripting VulnerabilityEPSS 0.2%CVE-2023-20234MEDIUMA vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on theEPSS 0.2%CVE-2026-20219MEDIUMA vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of othEPSS 0.2%CVE-2024-20282MEDIUMA vulnerability in Cisco Nexus Dashboard could allow an authenticated, local attacker with valid rescue-user credentials to elevate privilegEPSS 0.2%CVE-2023-20029MEDIUMCisco IOS XE Software Privilege Escalation VulnerabilityEPSS 0.2%CVE-2025-20206HIGHCisco Secure Client for Windows with VPN Posture (HostScan) Module DLL Hijacking VulnerabilityEPSS 0.2%CVE-2025-20326MEDIUMCisco Unified Communications Manager Cross-Site Request Forgery VulnerabilityEPSS 0.2%CVE-2025-20255MEDIUMA vulnerability in client join services of Cisco Webex Meetings could allow an unauthenticated, remote attacker to manipulate cached HTTP reEPSS 0.2%CVE-2026-20010HIGHCisco Nexus 3000 and 9000 Series Switches Link Layer Discovery Protocol Denial of Service VulnerabilityEPSS 0.2%CVE-2024-20370MEDIUMA vulnerability in the Cisco FXOS CLI feature on specific hardware platforms for Cisco Adaptive Security Appliance (ASA) Software and Cisco EPSS 0.2%CVE-2025-20126MEDIUMCisco ThousandEyes Endpoint Agent Certificate Validation VulnerabilityEPSS 0.2%CVE-2024-20435HIGHA vulnerability in the CLI of Cisco AsyncOS for Secure Web Appliance could allow an authenticated, local attacker to execute arbitrary commaEPSS 0.2%CVE-2021-1462MEDIUMCisco SD-WAN vManage Software Privilege Escalation VulnerabilityEPSS 0.2%CVE-2026-20025MEDIUMA vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacEPSS 0.2%CVE-2026-20108MEDIUMA vulnerability in the web-based management interface of Cisco Catalyst SD-WAN Manager could allow an authenticated, remote attacker to condEPSS 0.2%CVE-2025-20275MEDIUMCisco Unified Contact Center Express Editor Remote Code Execution VulnerabilityEPSS 0.2%