CISA Catalog
Data sourced from the official CISA Known Exploited Vulnerabilities Catalog. Federal agencies are required to remediate these vulnerabilities by the due date per BOD 22-01.
KEV Entries
1,619
Ransomware Use
327
Overdue
1,615
Vendors
266
Products
655
91 results · Page 2/4
Cisco IOS and IOS XE Group Encrypted Transport VPN Out-of-Bounds Write Vulnerability
Cisco · IOS and IOS XE
Cisco IOS and IOS XE contain an out-of-bounds write vulnerability in the Group Encrypted Transport VPN (GET VPN) feature that could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute malicious code or cause a device to crash.
Required Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Cisco Adaptive Security Appliance and Firepower Threat Defense Unauthorized Access Vulnerability
Cisco · Adaptive Security Appliance and Firepower Threat Defense
Cisco Adaptive Security Appliance and Firepower Threat Defense contain an unauthorized access vulnerability that could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or establish a clientless SSL VPN session with an unauthorized user.
Required Action
Apply mitigations per vendor instructions for group-lock and vpn-simultaneous-logins or discontinue use of the product for unsupported devices.
Cisco IOS Denial-of-Service Vulnerability
Cisco · IOS
Cisco IOS contains an unspecified vulnerability that may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases, Hypertext Transport Protocol (HTTP) access to the Cisco device.
Required Action
Apply updates per vendor instructions.
Cisco IOS, IOS XR, and IOS XE IKEv1 Information Disclosure Vulnerability
Cisco · IOS, IOS XR, and IOS XE
Cisco IOS, IOS XR, and IOS XE contain insufficient condition checks in the part of the code that handles Internet Key Exchange version 1 (IKEv1) security negotiation requests. contains an information disclosure vulnerability in the Internet Key Exchange version 1 (IKEv1) that could allow an attacker to retrieve memory contents. Successful exploitation could allow the attacker to retrieve memory contents, which can lead to information disclosure.
Required Action
Apply updates per vendor instructions.
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
Cisco · IOS and IOS XE Software
The Simple Network Management Protocol (SNMP) subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload.
Required Action
Apply updates per vendor instructions.
Cisco AnyConnect Secure Mobility Client for Windows DLL Hijacking Vulnerability
Cisco · AnyConnect Secure
Cisco AnyConnect Secure Mobility Client for Windows interprocess communication (IPC) channel allows for insufficient validation of resources that are loaded by the application at run time. An attacker with valid credentials on Windows could execute code on the affected machine with SYSTEM privileges.
Required Action
Apply updates per vendor instructions.
Cisco AnyConnect Secure Mobility Client for Windows Uncontrolled Search Path Vulnerability
Cisco · AnyConnect Secure
Cisco AnyConnect Secure Mobility Client for Windows allows for incorrect handling of directory paths. An attacker with valid credentials on Windows would be able to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks.
Required Action
Apply updates per vendor instructions.
Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability
Cisco · RV Series Routers
A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code with root privileges.
Required Action
Apply updates per vendor instructions.
Cisco Adaptive Security Appliance (ASA) SNMP Buffer Overflow Vulnerability
Cisco · Adaptive Security Appliance (ASA)
A buffer overflow vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco ASA software could allow an attacker to cause a reload of the affected system or to remotely execute code.
Required Action
Apply updates per vendor instructions.
Cisco Adaptive Security Appliance (ASA) CLI Remote Code Execution Vulnerability
Cisco · Adaptive Security Appliance (ASA)
A vulnerability in the command-line interface (CLI) parser of Cisco ASA software could allow an authenticated, local attacker to create a denial-of-service (DoS) condition or potentially execute code.
Required Action
Apply updates per vendor instructions.
Cisco IOS XR Open Port Vulnerability
Cisco · IOS XR
Cisco IOS XR software health check opens TCP port 6379 by default on activation. An attacker can connect to the Redis instance on the open port and allow access to the Redis instance that is running within the NOSi container.
Required Action
Apply updates per vendor instructions.
Cisco Secure Access Control System Java Deserialization Vulnerability
Cisco · Secure Access Control System (ACS)
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software.
Required Action
Apply updates per vendor instructions.
Cisco VPN Routers Remote Code Execution Vulnerability
Cisco · VPN Routers
A vulnerability in the web interface of the Cisco VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as root and gain full control of an affected system.
Required Action
Apply updates per vendor instructions.
Cisco IOS and IOS XE Remote Code Execution Vulnerability
Cisco · IOS and IOS XE
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges.
Required Action
Apply updates per vendor instructions.
Cisco Prime Data Center Network Manager (DCNM) Directory Traversal Vulnerability
Cisco · Prime Data Center Network Manager (DCNM)
Directory traversal vulnerability in the fmserver servlet in Cisco Prime Data Center Network Manager (DCNM) allows remote attackers to read arbitrary files.
Required Action
Apply updates per vendor instructions.
Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability
Cisco · IOS XR
Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Required Action
Apply updates per vendor instructions.
Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability
Cisco · IOS XR
Cisco IOS XR,when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS).
Required Action
Apply updates per vendor instructions.
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Cisco · Small Business RV160, RV260, RV340, and RV345 Series Routers
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Required Action
Apply updates per vendor instructions.
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Cisco · Small Business RV160, RV260, RV340, and RV345 Series Routers
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Required Action
Apply updates per vendor instructions.
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Cisco · Small Business RV160, RV260, RV340, and RV345 Series Routers
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Required Action
Apply updates per vendor instructions.
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Cisco · Small Business RV160, RV260, RV340, and RV345 Series Routers
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Required Action
Apply updates per vendor instructions.
Cisco Small Business RV Series Routers Stack-based Buffer Overflow Vulnerability
Cisco · Small Business RV160, RV260, RV340, and RV345 Series Routers
A vulnerability in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code elevate privileges, execute arbitrary commands, bypass authentication and authorization protections, fetch and run unsigned software, or cause a denial of service (DoS).
Required Action
Apply updates per vendor instructions.
Cisco Small Business Routers Improper Input Validation Vulnerability
Cisco · Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an authenticated, remote attacker with administrative privileges on an affected device to execute arbitrary commands.
Required Action
Apply updates per vendor instructions.
Cisco IOS Software Denial-of-Service Vulnerability
Cisco · IOS Software
A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.
Required Action
Apply updates per vendor instructions.
Cisco IOS Software Denial-of-Service Vulnerability
Cisco · IOS Software
A vulnerability in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.
Required Action
Apply updates per vendor instructions.
