Robuta

https://www.infosecurity-magazine.com/news/russian-espionage-group-targets/ Russian Espionage Group Static Tundra Targets Legacy Cisco Flaw - Infosecurity Magazine Aug 21, 2025 - Russian state-backed hackers are exploiting a seven-year-old Cisco Smart Install vulnerability (CVE-2018-0171) in end-of-life devices cisco flawrussianespionagegroupstatic https://thehackernews.com/2021/04/cisco-will-not-patch-critical-rce-flaw.html Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers Cisco would not patch critical RCE flaws in end-of-life business routers, urging businesses to purchase new routers. https://securityaffairs.com/134287/security/cisco-flaw-asa-ftd.html Cisco fixed a flaw in ASA, FTD devices that can give access to RSA private key Aug 11, 2022 - Cisco addressed a high severity flaw, tracked as CVE-2022-20866, affecting Adaptive Security Appliance (ASA) and FTD software. https://www.securitymagazine.com/articles/95511-researchers-publish-proof-of-concept-for-cisco-asa-flaw Researchers publish proof of concept for Cisco ASA flaw | 2021-06-28 | Security Magazine Researchers at at Positive Technologies have published a proof-of-concept exploit for CVE-2020-3580. There are reports of researchers pursuing bug bounties... https://thehackernews.com/2025/01/cisco-fixes-critical-privilege.html?m=0 Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) Cisco addresses critical CVE-2025-20156 with 9.9 CVSS, fixing admin privilege risk in Meeting Management. privilege escalationmeeting managementciscofixescritical https://www.sentinelone.com/vulnerability-database/cve-2026-20078/ CVE-2026-20078: Cisco Unity Connection Path Traversal Flaw CVE-2026-20078 is a path traversal vulnerability in Cisco Unity Connection. Learn about its impact, affected versions, and mitigation methods. path traversalcve202620078cisco https://thehackernews.com/2025/10/hackers-deploy-linux-rootkits-via-cisco.html?m=1 Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in 'Zero Disco' Attacks Operation Zero Disco exploits Cisco IOS flaw CVE-2025-20352 to deploy persistent Linux rootkits https://thehackernews.com/2025/05/vicioustrap-uses-cisco-flaw-to-build.html ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices ViciousTrap exploited CVE-2023-20118 to hijack 5,300 routers, building a honeypot-style spy network. https://www.nextgov.com/cybersecurity/2025/02/salt-typhoon-hackers-exploited-stolen-credentials-and-7-year-old-software-flaw-cisco-systems/403146/?oref=ng-next-story Salt Typhoon hackers exploited stolen credentials and a 7-year-old software flaw in Cisco systems -... The Chinese hacking collective has widely leveraged vulnerabilities in communications infrastructure to breach dozens of telecom providers in the U.S. a... https://www.sentinelone.com/vulnerability-database/cve-2025-20139/ CVE-2025-20139: Cisco Enterprise Chat and Email DoS Flaw CVE-2025-20139 is a denial of service vulnerability in Cisco Enterprise Chat and Email. Learn about its impact, affected versions, and mitigation methods. cve2025ciscoenterprisechat https://www.techradar.com/pro/security/cisco-webex-security-flaw-could-let-hackers-hijack-your-system-via-a-meeting-invite Cisco Webex security flaw could let hackers hijack your system via a meeting invite | TechRadar Apr 21, 2025 - Patch was already released, so Webex users should update now https://securityaffairs.com/161975/hacking/cisco-integrated-management-controller-bug.html Cisco warns of a command injection escalation flaw in its IMC Apr 18, 2024 - Cisco addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists command injectionciscowarns https://securityaffairs.com/78614/security/cisco-prime-license-manager-flaw.html Cisco addressed SQL Injection flaw in Cisco Prime License Manager Dec 2, 2018 - Cisco released security updates to address a flaw in Cisco Prime License Manager that could be exploited by an attacker to execute arbitrary SQL queries. sql injectionciscoaddressedflawprime https://www.nextgov.com/cybersecurity/2025/02/salt-typhoon-hackers-exploited-stolen-credentials-and-7-year-old-software-flaw-cisco-systems/403146/?oref=ng-topic-lander-top-story Salt Typhoon hackers exploited stolen credentials and a 7-year-old software flaw in Cisco systems -... The Chinese hacking collective has widely leveraged vulnerabilities in communications infrastructure to breach dozens of telecom providers in the U.S. a... https://thehackernews.com/2023/03/critical-flaw-in-cisco-ip-phone-series.html Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack Cisco has just released a security update to fix a critical vulnerability (CVE-2023-20078) in its IP Phone 6800, 7800, 7900, and 8800 Series products. cisco ip phone https://www.itnews.com.au/news/cisco-wireless-flaw-discovered-153963 Cisco wireless flaw discovered - iTnews Could lead to a "full breach". cisco wirelessflawdiscovereditnews https://thehackernews.com/2026/03/cisa-warns-of-zimbra-sharepoint-flaw.html?version=meter+at+null CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks. https://securityaffairs.com/143366/security/cisco-cve-2023-20049-dos.html Cisco fixed CVE-2023-20049 DoS flaw affecting enterprise routers Mar 12, 2023 - Cisco fixed a high-severity DoS vulnerability (CVE-2023-20049) in IOS XR software that impacts several enterprise routers. ciscofixedcve202320049 https://securityaffairs.com/152935/security/cisa-adds-second-cisco-ios-xe-flaw-to-its-known-exploited-vulnerabilities-catalog.html CISA adds second Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog - Security Affairs Oct 23, 2023 - US CISA added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog. https://thehackernews.com/2022/06/critical-flaw-in-cisco-secure-email-and.html Critical Flaw in Cisco Secure Email and Web Manager Lets Attackers Bypass Authentication Cisco releases a patch to address a critical vulnerability in the Email Security Appliance (ESA) and Secure Email and Web Manager. https://www.crn.com/news/security/vpn-app-flaw-impacted-vendors-like-f5-palo-alto-networks-researchers Cisco, Palo Alto Networks Among Those Impacted By VPN App Flaw: Researchers | CRN Hackers could exploit a VPN app vulnerability found in products from four cybersecurity vendors to take control of a user's applications, researchers warn. palo alto networks https://thehackernews.com/2020/09/cisco-issue-warning-over-ios-xr-zero.html Cisco Issues Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild Cisco Issue Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild https://securityaffairs.com/81751/security/cisco-webex-elevation-privilege.html Cisco WebEx Meetings affected by a new elevation of privilege flaw Feb 28, 2019 - A vulnerability in the update service of the Cisco Webex Meetings Desktop App for Windows could allow elevation of privilege elevation of privilegecisco webexmeetingsaffected https://securityaffairs.com/71680/hacking/cve-2018-0229-cisco-saml.html CVE-2018-0229 flaw in SAML implementation threatens CISCO products Apr 23, 2018 - Cisco has announced a set of security patches that address the CVE-2018-0229 vulnerability in its implementation of the Security Assertion Markup Language... cve20180229flawsaml https://thehackernews.com/2021/06/cisco-asa-flaw-under-active-attack.html Cisco ASA Flaw Under Active Attack After PoC Exploit Posted Online An active attack is underway against Cisco Adaptive Security Appliance (ASA) vulnerability after an exploit code was released on the internet. cisco asaflawactive https://www.helpnetsecurity.com/2015/02/23/flaw-makes-cisco-routing-hardware-vulnerable-to-dos-attacks/ Flaw makes Cisco routing hardware vulnerable to DoS attacks - Help Net Security Feb 23, 2015 - A serious vulnerability affecting the software of some of Cisco's routing hardware systems for telecommunications and Internet service providers could be https://thehackernews.com/2021/08/critical-flaw-found-in-older-cisco.html Critical Flaw Found in Older Cisco Small Business Routers Won't Be Fixed Cisco will not patch a critical vulnerability found in older Cisco Small Business Routers cisco small business https://securityaffairs.com/71181/hacking/cve-2018-0171-russia-iran-attacks.html Vigilante hackers strike Russia and Iran Networks exploiting Cisco CVE-2018-0171 flaw Apr 9, 2018 - Last week, the hacking crew "JHT" launched a hacking campaign exploiting Cisco CVE-2018-0171 flaw against network infrastructure in Russia and Iran. https://thehackernews.com/2024/10/cisa-warns-of-critical-fortinet-flaw-as.html?ref=cybersecsentinel.com CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches CISA flags a critical Fortinet flaw under active exploitation. Palo Alto Networks and Cisco also release urgent security patches. https://www.sentinelone.com/vulnerability-database/cve-2025-20210/ CVE-2025-20210: Cisco Catalyst Center Auth Bypass Flaw CVE-2025-20210 is an authentication bypass vulnerability in Cisco Catalyst Center. Learn about its impact, affected versions, and mitigation methods. cisco catalyst centercve202520210auth https://thehackernews.com/2025/01/cisco-fixes-critical-privilege.html?version=meter+at+null Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9) Cisco addresses critical CVE-2025-20156 with 9.9 CVSS, fixing admin privilege risk in Meeting Management. privilege escalationmeeting managementciscofixescritical