https://www.infosecurity-magazine.com/news/russian-espionage-group-targets/
Russian Espionage Group Static Tundra Targets Legacy Cisco Flaw - Infosecurity Magazine
Aug 21, 2025 - Russian state-backed hackers are exploiting a seven-year-old Cisco Smart Install vulnerability (CVE-2018-0171) in end-of-life devices
cisco flawrussianespionagegroupstatic
https://thehackernews.com/2021/04/cisco-will-not-patch-critical-rce-flaw.html
Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers
Cisco would not patch critical RCE flaws in end-of-life business routers, urging businesses to purchase new routers.
https://securityaffairs.com/134287/security/cisco-flaw-asa-ftd.html
Cisco fixed a flaw in ASA, FTD devices that can give access to RSA private key
Aug 11, 2022 - Cisco addressed a high severity flaw, tracked as CVE-2022-20866, affecting Adaptive Security Appliance (ASA) and FTD software.
https://www.securitymagazine.com/articles/95511-researchers-publish-proof-of-concept-for-cisco-asa-flaw
Researchers publish proof of concept for Cisco ASA flaw | 2021-06-28 | Security Magazine
Researchers at at Positive Technologies have published a proof-of-concept exploit for CVE-2020-3580. There are reports of researchers pursuing bug bounties...
https://thehackernews.com/2025/01/cisco-fixes-critical-privilege.html?m=0
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
Cisco addresses critical CVE-2025-20156 with 9.9 CVSS, fixing admin privilege risk in Meeting Management.
privilege escalationmeeting managementciscofixescritical
https://www.sentinelone.com/vulnerability-database/cve-2026-20078/
CVE-2026-20078: Cisco Unity Connection Path Traversal Flaw
CVE-2026-20078 is a path traversal vulnerability in Cisco Unity Connection. Learn about its impact, affected versions, and mitigation methods.
path traversalcve202620078cisco
https://thehackernews.com/2025/10/hackers-deploy-linux-rootkits-via-cisco.html?m=1
Hackers Deploy Linux Rootkits via Cisco SNMP Flaw in 'Zero Disco' Attacks
Operation Zero Disco exploits Cisco IOS flaw CVE-2025-20352 to deploy persistent Linux rootkits
https://thehackernews.com/2025/05/vicioustrap-uses-cisco-flaw-to-build.html
ViciousTrap Uses Cisco Flaw to Build Global Honeypot from 5,300 Compromised Devices
ViciousTrap exploited CVE-2023-20118 to hijack 5,300 routers, building a honeypot-style spy network.
https://www.nextgov.com/cybersecurity/2025/02/salt-typhoon-hackers-exploited-stolen-credentials-and-7-year-old-software-flaw-cisco-systems/403146/?oref=ng-next-story
Salt Typhoon hackers exploited stolen credentials and a 7-year-old software flaw in Cisco systems -...
The Chinese hacking collective has widely leveraged vulnerabilities in communications infrastructure to breach dozens of telecom providers in the U.S. a...
https://www.sentinelone.com/vulnerability-database/cve-2025-20139/
CVE-2025-20139: Cisco Enterprise Chat and Email DoS Flaw
CVE-2025-20139 is a denial of service vulnerability in Cisco Enterprise Chat and Email. Learn about its impact, affected versions, and mitigation methods.
cve2025ciscoenterprisechat
https://www.techradar.com/pro/security/cisco-webex-security-flaw-could-let-hackers-hijack-your-system-via-a-meeting-invite
Cisco Webex security flaw could let hackers hijack your system via a meeting invite | TechRadar
Apr 21, 2025 - Patch was already released, so Webex users should update now
https://securityaffairs.com/161975/hacking/cisco-integrated-management-controller-bug.html
Cisco warns of a command injection escalation flaw in its IMC
Apr 18, 2024 - Cisco addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists
command injectionciscowarns
https://securityaffairs.com/78614/security/cisco-prime-license-manager-flaw.html
Cisco addressed SQL Injection flaw in Cisco Prime License Manager
Dec 2, 2018 - Cisco released security updates to address a flaw in Cisco Prime License Manager that could be exploited by an attacker to execute arbitrary SQL queries.
sql injectionciscoaddressedflawprime
https://www.nextgov.com/cybersecurity/2025/02/salt-typhoon-hackers-exploited-stolen-credentials-and-7-year-old-software-flaw-cisco-systems/403146/?oref=ng-topic-lander-top-story
Salt Typhoon hackers exploited stolen credentials and a 7-year-old software flaw in Cisco systems -...
The Chinese hacking collective has widely leveraged vulnerabilities in communications infrastructure to breach dozens of telecom providers in the U.S. a...
https://thehackernews.com/2023/03/critical-flaw-in-cisco-ip-phone-series.html
Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack
Cisco has just released a security update to fix a critical vulnerability (CVE-2023-20078) in its IP Phone 6800, 7800, 7900, and 8800 Series products.
cisco ip phone
https://www.itnews.com.au/news/cisco-wireless-flaw-discovered-153963
Cisco wireless flaw discovered - iTnews
Could lead to a "full breach".
cisco wirelessflawdiscovereditnews
https://thehackernews.com/2026/03/cisa-warns-of-zimbra-sharepoint-flaw.html?version=meter+at+null
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks.
https://securityaffairs.com/143366/security/cisco-cve-2023-20049-dos.html
Cisco fixed CVE-2023-20049 DoS flaw affecting enterprise routers
Mar 12, 2023 - Cisco fixed a high-severity DoS vulnerability (CVE-2023-20049) in IOS XR software that impacts several enterprise routers.
ciscofixedcve202320049
https://securityaffairs.com/152935/security/cisa-adds-second-cisco-ios-xe-flaw-to-its-known-exploited-vulnerabilities-catalog.html
CISA adds second Cisco IOS XE flaw to its Known Exploited Vulnerabilities catalog - Security Affairs
Oct 23, 2023 - US CISA added the vulnerability CVE-2023-20273 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog.
https://thehackernews.com/2022/06/critical-flaw-in-cisco-secure-email-and.html
Critical Flaw in Cisco Secure Email and Web Manager Lets Attackers Bypass Authentication
Cisco releases a patch to address a critical vulnerability in the Email Security Appliance (ESA) and Secure Email and Web Manager.
https://www.crn.com/news/security/vpn-app-flaw-impacted-vendors-like-f5-palo-alto-networks-researchers
Cisco, Palo Alto Networks Among Those Impacted By VPN App Flaw: Researchers | CRN
Hackers could exploit a VPN app vulnerability found in products from four cybersecurity vendors to take control of a user's applications, researchers warn.
palo alto networks
https://thehackernews.com/2020/09/cisco-issue-warning-over-ios-xr-zero.html
Cisco Issues Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild
Cisco Issue Warning Over IOS XR Zero-Day Flaw Being Targeted in the Wild
https://securityaffairs.com/81751/security/cisco-webex-elevation-privilege.html
Cisco WebEx Meetings affected by a new elevation of privilege flaw
Feb 28, 2019 - A vulnerability in the update service of the Cisco Webex Meetings Desktop App for Windows could allow elevation of privilege
elevation of privilegecisco webexmeetingsaffected
https://securityaffairs.com/71680/hacking/cve-2018-0229-cisco-saml.html
CVE-2018-0229 flaw in SAML implementation threatens CISCO products
Apr 23, 2018 - Cisco has announced a set of security patches that address the CVE-2018-0229 vulnerability in its implementation of the Security Assertion Markup Language...
cve20180229flawsaml
https://thehackernews.com/2021/06/cisco-asa-flaw-under-active-attack.html
Cisco ASA Flaw Under Active Attack After PoC Exploit Posted Online
An active attack is underway against Cisco Adaptive Security Appliance (ASA) vulnerability after an exploit code was released on the internet.
cisco asaflawactive
https://www.helpnetsecurity.com/2015/02/23/flaw-makes-cisco-routing-hardware-vulnerable-to-dos-attacks/
Flaw makes Cisco routing hardware vulnerable to DoS attacks - Help Net Security
Feb 23, 2015 - A serious vulnerability affecting the software of some of Cisco's routing hardware systems for telecommunications and Internet service providers could be
https://thehackernews.com/2021/08/critical-flaw-found-in-older-cisco.html
Critical Flaw Found in Older Cisco Small Business Routers Won't Be Fixed
Cisco will not patch a critical vulnerability found in older Cisco Small Business Routers
cisco small business
https://securityaffairs.com/71181/hacking/cve-2018-0171-russia-iran-attacks.html
Vigilante hackers strike Russia and Iran Networks exploiting Cisco CVE-2018-0171 flaw
Apr 9, 2018 - Last week, the hacking crew "JHT" launched a hacking campaign exploiting Cisco CVE-2018-0171 flaw against network infrastructure in Russia and Iran.
https://thehackernews.com/2024/10/cisa-warns-of-critical-fortinet-flaw-as.html?ref=cybersecsentinel.com
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
CISA flags a critical Fortinet flaw under active exploitation. Palo Alto Networks and Cisco also release urgent security patches.
https://www.sentinelone.com/vulnerability-database/cve-2025-20210/
CVE-2025-20210: Cisco Catalyst Center Auth Bypass Flaw
CVE-2025-20210 is an authentication bypass vulnerability in Cisco Catalyst Center. Learn about its impact, affected versions, and mitigation methods.
cisco catalyst centercve202520210auth
https://thehackernews.com/2025/01/cisco-fixes-critical-privilege.html?version=meter+at+null
Cisco Fixes Critical Privilege Escalation Flaw in Meeting Management (CVSS 9.9)
Cisco addresses critical CVE-2025-20156 with 9.9 CVSS, fixing admin privilege risk in Meeting Management.
privilege escalationmeeting managementciscofixescritical