{"vulnerability": "CVE-2025-2012", "sightings": [{"uuid": "ac69584f-32ef-471e-adf1-4a6bb6e37213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://t.me/true_secator/6705", "content": "Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Identity Services Engine (ISE), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u041f\u0435\u0440\u0432\u0430\u044f CVE-2025-20124\u00a0(CVSS: 9,9) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 Java \u0432 API Cisco ISE, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u0414\u0440\u0443\u0433\u0430\u044f, CVE-2025-20125\u00a0(CVSS: 9,1), - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 API Cisco ISE, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0443\u0437\u043b\u0430 \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0443\u0437\u0435\u043b.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u0443\u044e \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 Java \u0438\u043b\u0438 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 \u043d\u0435\u0443\u043a\u0430\u0437\u0430\u043d\u043d\u0443\u044e \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0442\u043e\u0447\u043a\u0443 API, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cisco, \u043e\u0431\u0435 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0437\u0430\u0432\u0438\u0441\u044f\u0442 \u0434\u0440\u0443\u0433 \u043e\u0442 \u0434\u0440\u0443\u0433\u0430 \u0438 \u043d\u0435 \u0438\u043c\u0435\u044e\u0442 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f \u0438\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Deloitte \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 Cisco ISE 3.0 (\u043f\u0435\u0440\u0435\u0445\u043e\u0434 \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e), 3.1 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 3.1P10), 3.2 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 3.2P7), 3.3 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 3.3P4) \u0438 3.4 (\u043d\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e).\n\n\u0414\u0430\u043d\u043d\u044b\u043c\u0438 \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u043c \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Cisco \u043d\u0435 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.", "creation_timestamp": "2025-02-06T12:58:07.000000Z"}, {"uuid": "7119932e-a0d5-4056-a991-54efb56eb4f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://t.me/true_secator/6705", "content": "Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430\u00a0\u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Identity Services Engine (ISE), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0438 \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u041f\u0435\u0440\u0432\u0430\u044f CVE-2025-20124\u00a0(CVSS: 9,9) \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0435\u0439 Java \u0432 API Cisco ISE, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u0414\u0440\u0443\u0433\u0430\u044f, CVE-2025-20125\u00a0(CVSS: 9,1), - \u044d\u0442\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 API Cisco ISE, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c\u0438 \u0443\u0447\u0435\u0442\u043d\u044b\u043c\u0438 \u0434\u0430\u043d\u043d\u044b\u043c\u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u0443\u044e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044e, \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0443\u0437\u043b\u0430 \u0438 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0443\u0437\u0435\u043b.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043b\u044e\u0431\u0443\u044e \u0438\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u043e\u0431\u044a\u0435\u043a\u0442 Java \u0438\u043b\u0438 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u043d\u0430 \u043d\u0435\u0443\u043a\u0430\u0437\u0430\u043d\u043d\u0443\u044e \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0442\u043e\u0447\u043a\u0443 API, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cisco, \u043e\u0431\u0435 \u0434\u0432\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0435 \u0437\u0430\u0432\u0438\u0441\u044f\u0442 \u0434\u0440\u0443\u0433 \u043e\u0442 \u0434\u0440\u0443\u0433\u0430 \u0438 \u043d\u0435 \u0438\u043c\u0435\u044e\u0442 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f \u0438\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Deloitte \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b \u0432 Cisco ISE 3.0 (\u043f\u0435\u0440\u0435\u0445\u043e\u0434 \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e), 3.1 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 3.1P10), 3.2 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 3.2P7), 3.3 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 3.3P4) \u0438 3.4 (\u043d\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e).\n\n\u0414\u0430\u043d\u043d\u044b\u043c\u0438 \u043e \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u043c \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u043e\u043c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 Cisco \u043d\u0435 \u0440\u0430\u0441\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442, \u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.", "creation_timestamp": "2025-02-06T12:58:07.000000Z"}, {"uuid": "cdd1702d-9182-4f81-9fc5-2b21e2821298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6649", "content": "Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e EoP-\u043e\u0448\u0438\u0431\u043a\u0443 \u0432 Meeting Management \u0438 DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 ClamAV, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-20156 (CVSS 9,9), \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 REST API Meeting Management \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0434\u043b\u044f \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0434\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u0414\u0435\u0444\u0435\u043a\u0442 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u043c \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u043c \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435\u043c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 \u043a \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c REST API.\n\n\u0412\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043c\u043e\u0436\u043d\u043e, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u044b API \u043d\u0430 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043a\u043e\u043d\u0435\u0447\u043d\u0443\u044e \u0442\u043e\u0447\u043a\u0443.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430 \u0443\u0440\u043e\u0432\u043d\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430\u0434 \u043f\u0435\u0440\u0438\u0444\u0435\u0440\u0438\u0439\u043d\u044b\u043c\u0438 \u0443\u0437\u043b\u0430\u043c\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u044f\u044e\u0442\u0441\u044f Cisco Meeting Management.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Cisco, \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b \u0432\u0441\u0435  \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0437\u0430\u043f\u0443\u0449\u0435\u043d\u0430 \u0441\u043b\u0443\u0436\u0431\u0430 Meeting Management, \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u043e\u0442 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u0438\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0438 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u0432 Meeting Management \u0432\u0435\u0440\u0441\u0438\u0438 3.9.1.\n\n\u041f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0432\u0435\u0440\u0441\u0438\u0438 3.8 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0440\u0430\u043d\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e. \u0412\u0435\u0440\u0441\u0438\u044f 3.10 \u043d\u0435 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0430.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, Cisco \u043e\u0431\u044a\u044f\u0432\u0438\u043b\u0430 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 CVE-2025-20165 - \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 SIP Cisco BroadWorks, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 DoS.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u044b SIP \u043d\u0435 \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0442\u0441\u044f \u0434\u043e\u043b\u0436\u043d\u044b\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0438\u0445 \u0432 \u0431\u043e\u043b\u044c\u0448\u043e\u043c \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u0435 \u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443, \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u0442\u044c \u043f\u0430\u043c\u044f\u0442\u044c, \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u0441\u0435\u0442\u0435\u0432\u044b\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c BroadWorks, \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0438\u043c SIP-\u0442\u0440\u0430\u0444\u0438\u043a, \u0438 \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 DoS, \u0434\u043b\u044f \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0433\u043e \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0440\u0443\u0447\u043d\u043e\u0435 \u0432\u043c\u0435\u0448\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c \u0432\u0435\u0440\u0441\u0438\u0438 BroadWorks RI.2024.11. \u041a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442\u0441\u044f \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u043d\u0435\u0442.\n\nCisco \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442, \u0447\u0442\u043e \u0435\u0439 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e \u043a\u0430\u043a\u0438\u0445-\u043b\u0438\u0431\u043e \u0441\u043b\u0443\u0447\u0430\u044f\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u0438\u0445 \u0434\u0432\u0443\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u0438 PoC \u0434\u043b\u044f \u0442\u0440\u0435\u0442\u044c\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Object Linking and Embedding 2 (OLE2) ClamAV \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-20128.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u043a\u0443\u0447\u0438 \u043f\u0440\u0438 \u0447\u0442\u0435\u043d\u0438\u0438, \u0432\u044b\u0437\u0432\u0430\u043d\u043d\u044b\u043c \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u043d\u0435\u0434\u043e\u0440\u0430\u0441\u0445\u043e\u0434\u043e\u043c \u043f\u0440\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u0433\u0440\u0430\u043d\u0438\u0446. \n\n\u041e\u043d\u0430 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b, \u0441\u043e\u0434\u0435\u0440\u0436\u0430\u0449\u0438\u0439 \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 OLE2. \u041f\u0440\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 ClamAV \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441, \u0432\u044b\u0437\u044b\u0432\u0430\u044f \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 DoS.\n\nCisco \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u0432\u0435\u0440\u0441\u0438\u0438 Secure Endpoint Connector \u0434\u043b\u044f Linux (1.25.1), macOS (1.24.4), Windows (7.5.20 \u0438 8.4.3) \u0438 cloud (4.2.0).\n\n\u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u043e\u044e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u043e\u0434\u043d\u0430\u043a\u043e \u043e\u0431\u0449\u0430\u044f \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u043d\u0435 \u0441\u0442\u0440\u0430\u0434\u0430\u0435\u0442.\n\n\u041e\u0442\u043c\u0435\u0447\u0430\u0435\u0442\u0441\u044f, \u0447\u0442\u043e \u043d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 PoC \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0434\u0430\u043d\u043d\u044b\u0445 \u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445 \u043d\u0435 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u043e.", "creation_timestamp": "2025-01-23T13:52:14.000000Z"}, {"uuid": "4e4ac183-058c-450d-8ee0-ab3497eea277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://t.me/anti_malware/19427", "content": "\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Cisco \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u043c \u0434\u0432\u0438\u0436\u043a\u0435 ClamAV, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0435\u0439 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0444\u043e\u0440\u043c\u0430\u0442\u0430 OLE2. \u0411\u0440\u0435\u0448\u044c, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2025-20128, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432\u044b\u0437\u0432\u0430\u0442\u044c DoS \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.", "creation_timestamp": "2025-01-23T07:16:14.000000Z"}, {"uuid": "62b19df0-f935-42be-b594-ac651a7ab293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://threatintel.cc/2025/02/06/critical-cisco-ise-vulnerabilities-patched.html", "content": "", "creation_timestamp": "2025-02-06T12:24:35.000000Z"}, {"uuid": "34108d55-3d47-49e7-b1af-9e89350c3710", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-20128", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lgezpbktq22m", "content": "", "creation_timestamp": "2025-01-23T04:19:28.718504Z"}, {"uuid": "32fd0be6-47ee-470b-8760-da0f7807fcc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lgfxgyqq4s2p", "content": "", "creation_timestamp": "2025-01-23T13:11:46.221566Z"}, {"uuid": "7f28a592-5eb4-46f9-a776-daffa7356d6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113952194437291969", "content": "", "creation_timestamp": "2025-02-05T16:21:38.598923Z"}, {"uuid": "797767f3-b483-4b2b-849b-56b21f4c73ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://threatintel.cc/2025/01/26/cisco-warns-of-a-clamav.html", "content": "", "creation_timestamp": "2025-01-26T18:07:37.000000Z"}, {"uuid": "138bf1cb-4bed-404e-bfef-0d4861b2c360", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113952770877232105", "content": "", "creation_timestamp": "2025-02-05T18:48:14.940773Z"}, {"uuid": "cbc1e515-eb3f-4da2-8f34-19af4c1155ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113952770929328129", "content": "", "creation_timestamp": "2025-02-05T18:48:29.306078Z"}, {"uuid": "92da68cd-4c26-4bb0-87ba-416236b3dcd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://bsky.app/profile/defendopsdiaries.bsky.social/post/3lge6vwc2zk2q", "content": "", "creation_timestamp": "2025-01-22T20:20:03.191170Z"}, {"uuid": "60af0303-7c7b-4680-b164-312c2966463a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/113974226972149204", "content": "", "creation_timestamp": "2025-02-09T13:44:53.878085Z"}, {"uuid": "c07c3c30-fc25-4fe6-a773-71e641cd5a15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/113974226972149204", "content": "", "creation_timestamp": "2025-02-09T13:44:53.935865Z"}, {"uuid": "86cb7342-0656-4d2b-aefe-5f2664e7151d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20120", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lltt65lw3l2s", "content": "", "creation_timestamp": "2025-04-02T16:38:27.048019Z"}, {"uuid": "dd2e6f53-7727-41ee-814b-d83ca8a99f01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ls5h7ojr5e2o", "content": "", "creation_timestamp": "2025-06-21T21:02:28.010091Z"}, {"uuid": "16860f7d-f591-4fab-8013-7e42a1c7935f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1464", "content": "", "creation_timestamp": "2025-01-23T04:00:00.000000Z"}, {"uuid": "0b56b9da-b5d5-4321-91a5-1fc9a3b32c5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20126", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/780", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20126\n\ud83d\udd39 Description: A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information.\n\nThis vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client.\n\ud83d\udccf Published: 2025-01-08T16:09:46.465Z\n\ud83d\udccf Modified: 2025-01-08T19:02:50.019Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N", "creation_timestamp": "2025-01-08T19:13:29.000000Z"}, {"uuid": "da7fee07-95c6-4185-9517-fadcae2933f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2573", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20128\n\ud83d\udd39 Description: A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\n\nThis vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.\nFor a description of this vulnerability, see the .\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\ud83d\udccf Published: 2025-01-22T16:21:12.329Z\n\ud83d\udccf Modified: 2025-01-22T16:55:12.582Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-ole2-H549rphA\n2. https://blog.clamav.net/2025/01/clamav-142-and-108-security-patch.html", "creation_timestamp": "2025-01-22T17:01:43.000000Z"}, {"uuid": "82e8a90e-2c06-4c66-995b-1046813e14c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://t.me/CyberBulletin/2267", "content": "\u26a1CVE-2025-20124 (CVSS 9.9) & CVE-2025-20125 (CVSS 9.1): Cisco Patches Critical Flaws in Identity Services Engine.\n\n#CyberBulletin", "creation_timestamp": "2025-02-06T12:53:55.000000Z"}, {"uuid": "f024202b-cdd1-4dde-a6d6-1d0eabb2247f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://t.me/thehackernews/6296", "content": "\ud83d\uded1 Cisco just patched two critical vulnerabilities in Identity Services Engine (ISE) that could allow attackers to execute arbitrary commands and escalate privileges remotely. \n\n\u26a0\ufe0f CVE-2025-20124 & CVE-2025-20125 carry CVSS scores of 9.9 and 9.1.\n\nRead \u2014 https://thehackernews.com/2025/02/cisco-patches-critical-ise.html", "creation_timestamp": "2025-02-06T08:52:45.000000Z"}, {"uuid": "f73a02ed-7e02-44cd-b49c-bc2b3242f981", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://t.me/CybNux/7602", "content": "\u0642\u0627\u0645\u062a \u0634\u0631\u0643\u0629 Cisco \u0644\u0644\u062a\u0648 \u0628\u0625\u0635\u0644\u0627\u062d \u062b\u063a\u0631\u062a\u064a\u0646 \u062e\u0637\u064a\u0631\u062a\u064a\u0646 \u0641\u064a Identity Services Engine (ISE) \u0648\u0627\u0644\u062a\u064a \u0642\u062f \u062a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u062a\u0646\u0641\u064a\u0630 \u0623\u0648\u0627\u0645\u0631 \u0639\u0634\u0648\u0627\u0626\u064a\u0629 \u0648\u062a\u0635\u0639\u064a\u062f \u0627\u0644\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a \u0639\u0646 \u0628\u0639\u062f.\n\n\u26a0\ufe0f CVE-2025-20124 \u0648 CVE-2025-20125 \u062a\u062d\u0645\u0644 \u062f\u0631\u062c\u0627\u062a CVSS 9.9  - 9.1\n\n#\u0623\u062e\u0628\u0627\u0631", "creation_timestamp": "2025-02-07T00:32:58.000000Z"}, {"uuid": "b102ab02-5659-47f5-83dc-4f5e5d800df6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://t.me/CybNux/7602", "content": "\u0642\u0627\u0645\u062a \u0634\u0631\u0643\u0629 Cisco \u0644\u0644\u062a\u0648 \u0628\u0625\u0635\u0644\u0627\u062d \u062b\u063a\u0631\u062a\u064a\u0646 \u062e\u0637\u064a\u0631\u062a\u064a\u0646 \u0641\u064a Identity Services Engine (ISE) \u0648\u0627\u0644\u062a\u064a \u0642\u062f \u062a\u0633\u0645\u062d \u0644\u0644\u0645\u0647\u0627\u062c\u0645\u064a\u0646 \u0628\u062a\u0646\u0641\u064a\u0630 \u0623\u0648\u0627\u0645\u0631 \u0639\u0634\u0648\u0627\u0626\u064a\u0629 \u0648\u062a\u0635\u0639\u064a\u062f \u0627\u0644\u0627\u0645\u062a\u064a\u0627\u0632\u0627\u062a \u0639\u0646 \u0628\u0639\u062f.\n\n\u26a0\ufe0f CVE-2025-20124 \u0648 CVE-2025-20125 \u062a\u062d\u0645\u0644 \u062f\u0631\u062c\u0627\u062a CVSS 9.9  - 9.1\n\n#\u0623\u062e\u0628\u0627\u0631", "creation_timestamp": "2025-02-07T00:32:58.000000Z"}, {"uuid": "4c5d7eb4-194d-4468-a75d-d7acb11a7835", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20123", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113793626131390571", "content": "", "creation_timestamp": "2025-01-08T16:15:38.294772Z"}, {"uuid": "169969ac-528c-4b8e-8fc3-4ffb2fb7c046", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20126", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113793626147584315", "content": "", "creation_timestamp": "2025-01-08T16:15:38.498683Z"}, {"uuid": "94e00065-05ad-434b-8fea-0efed79a081d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20123", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113793626771738794", "content": "", "creation_timestamp": "2025-01-08T16:15:48.117232Z"}, {"uuid": "5d7d7dc9-aeee-4cd1-94d2-26a10d84548f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20126", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113793626771738794", "content": "", "creation_timestamp": "2025-01-08T16:15:48.153883Z"}, {"uuid": "9cba0337-4131-4270-b859-ca76529c4507", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://bsky.app/profile/bluecyber.bsky.social/post/3lgebe7owbk2x", "content": "", "creation_timestamp": "2025-01-22T21:03:49.157450Z"}, {"uuid": "223c9d38-368e-4f72-a675-ac4e73eabae4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lgfcym2tits2", "content": "", "creation_timestamp": "2025-01-23T07:16:43.984095Z"}, {"uuid": "39680481-e3c8-44fa-9a95-4160af65281f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://bsky.app/profile/linux.activitypub.awakari.com.ap.brid.gy/post/3lgfe3ua7ifz2", "content": "", "creation_timestamp": "2025-01-23T07:25:44.101416Z"}, {"uuid": "9a58c60c-7c41-4362-9275-913983c442be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lgfg6rd6qb2l", "content": "", "creation_timestamp": "2025-01-23T08:02:53.352029Z"}, {"uuid": "8bd11b1e-d63f-4da4-9d07-d9d3067dcf15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/youranonriots.bsky.social/post/3lhjvdb2l3k2z", "content": "", "creation_timestamp": "2025-02-06T20:09:42.411049Z"}, {"uuid": "59bfd31e-a328-4431-83f2-d2dc3ca6747b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113952255128702135", "content": "", "creation_timestamp": "2025-02-05T16:37:05.531643Z"}, {"uuid": "0545fbce-eb96-4dc6-84e7-49b96f293beb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113952255128702135", "content": "", "creation_timestamp": "2025-02-05T16:37:05.578968Z"}, {"uuid": "58b78c2c-09da-4cd4-8b18-42c180640f14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3lhiivlvc4c2z", "content": "", "creation_timestamp": "2025-02-06T06:54:41.482990Z"}, {"uuid": "4a9e4e8b-cd51-4fc8-a7e1-161889d06920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3lhiivlvc4c2z", "content": "", "creation_timestamp": "2025-02-06T06:54:41.548463Z"}, {"uuid": "67dd20f1-ac17-425e-88a7-33576c67538d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lgoyxmuhos24", "content": "", "creation_timestamp": "2025-01-27T03:32:54.879509Z"}, {"uuid": "bfc0a516-f0f5-411d-8c2a-fc626564d11e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lj4tvywfoo2m", "content": "", "creation_timestamp": "2025-02-27T02:30:09.312238Z"}, {"uuid": "035f1e31-c756-445c-927f-a444244733a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lj4tvywfoo2m", "content": "", "creation_timestamp": "2025-02-27T02:30:09.374022Z"}, {"uuid": "1c708ac6-dd52-44a8-ac0d-372766a796ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://t.me/cvedetector/17312", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20125 - Cisco ISE API Unauthorized Read-Only Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2025-20125 \nPublished : Feb. 5, 2025, 5:15 p.m. | 49\u00a0minutes ago \nDescription : A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker with valid read-only credentials to obtain sensitive information, change node configurations, and restart the node.  \n  \nThis vulnerability is due to a lack of authorization in a specific API and improper validation of user-supplied data. An attacker could exploit this vulnerability by sending a crafted HTTP request to a specific API on the device. A successful exploit could allow the attacker to attacker to obtain information, modify system configuration, and reload the device.  \nNote:\u00a0To successfully exploit this vulnerability, the attacker must have valid read-only administrative credentials. In a single-node deployment, new devices will not be able to authenticate during the reload time. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T19:09:20.000000Z"}, {"uuid": "957ecbd9-4651-4508-8ef3-be196dabaa54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://t.me/cvedetector/17311", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20124 - Cisco ISE Remote Code Execution (RCE) via Insecure Deserialization\", \n  \"Content\": \"CVE ID : CVE-2025-20124 \nPublished : Feb. 5, 2025, 5:15 p.m. | 49\u00a0minutes ago \nDescription : A vulnerability in an API of Cisco ISE could allow an authenticated, remote attacker to execute arbitrary commands as the root user on an affected device.  \n  \nThis vulnerability is due to insecure deserialization of user-supplied Java byte streams by the affected software. An attacker could exploit this vulnerability by sending a crafted serialized Java object to an affected API. A successful exploit could allow the attacker to execute arbitrary commands on the device and elevate privileges.  \nNote:\u00a0To successfully exploit this vulnerability, the attacker must have valid read-only administrative credentials. In a single-node deployment, new devices will not be able to authenticate during the reload time. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T19:09:20.000000Z"}, {"uuid": "32a27c4a-9c92-48ae-8d08-08f0bba20aec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "exploited", "source": "https://t.me/itsec_news/5206", "content": "\u200b\u26a1\ufe0fPoC \u0432 \u0441\u0435\u0442\u0438: \u043e\u0448\u0438\u0431\u043a\u0430 \u0432 Cisco ClamAV \u043e\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u0435\u0442 \u0437\u0430\u0449\u0438\u0442\u0443 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\n\n\ud83d\udcac Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 ClamAV, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0435\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (Denial of Service, DoS).\n\nCVE-2025-20128 \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u043a\u0443\u0447\u0435 (heap-based buffer overflow) \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0440\u0430\u0441\u0448\u0438\u0444\u0440\u043e\u0432\u043a\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 Object Linking and Embedding 2 (OLE2). \u041d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0443 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f DoS-\u0443\u0441\u043b\u043e\u0432\u0438\u0439 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0415\u0441\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0431\u0443\u0434\u0435\u0442 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0430, \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u043d\u043e\u0433\u043e \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f ClamAV \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0432\u0435\u0440\u0448\u0438\u0442\u044c\u0441\u044f \u0441\u0431\u043e\u0435\u043c, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0451\u0442 \u043a \u0437\u0430\u0434\u0435\u0440\u0436\u043a\u0435 \u0438\u043b\u0438 \u043f\u043e\u043b\u043d\u043e\u043c\u0443 \u043f\u0440\u0435\u043a\u0440\u0430\u0449\u0435\u043d\u0438\u044e \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0438\u0445 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0439 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f. \u0412 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0438, \u0447\u0442\u043e \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0438 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0444\u0430\u0439\u043b \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u044b\u043c OLE2 \u043d\u0430 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435. \u0423\u0441\u043f\u0435\u0448\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 \u043f\u0440\u0438\u0432\u0435\u0434\u0451\u0442 \u043a \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f, \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u044f DoS-\u0443\u0441\u043b\u043e\u0432\u0438\u0435. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0432 \u0446\u0435\u043b\u043e\u043c \u043d\u0435 \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0435\u0442.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 Secure Endpoint Connector, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441 Linux, macOS \u0438 Windows. \u0418\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d \u0434\u043b\u044f \u043f\u0435\u0440\u0435\u0434\u0430\u0447\u0438 \u0436\u0443\u0440\u043d\u0430\u043b\u043e\u0432 \u0438 \u0441\u043e\u0431\u044b\u0442\u0438\u0439 Cisco Secure Endpoint \u0432 SIEM-\u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0432 Cisco \u043d\u0435 \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u0441\u043b\u0443\u0447\u0430\u0435\u0432 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u0432 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0438 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e PoC-\u043a\u043e\u0434\u0430.\n\n\u0412 \u043e\u043a\u0442\u044f\u0431\u0440\u0435 IntelBroker \u0437\u0430\u044f\u0432\u0438\u043b \u043e \u0432\u0437\u043b\u043e\u043c\u0435 \u0441\u0438\u0441\u0442\u0435\u043c Cisco \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u0430\u043c, \u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430\u043c, \u0443\u0447\u0435\u0442\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c, \u043a\u043b\u044e\u0447\u0430\u043c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0438 \u0434\u0440\u0443\u0433\u0438\u043c \u043c\u0430\u0442\u0435\u0440\u0438\u0430\u043b\u0430\u043c. \u0421\u0440\u0435\u0434\u0438 \u0443\u0442\u0435\u0447\u0435\u043a \u044f\u043a\u043e\u0431\u044b \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0434\u0430\u043d\u043d\u044b\u0435, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u043c\u0438 \u043a\u0440\u0443\u043f\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0439.\n\n\u0412 \u043d\u043e\u044f\u0431\u0440\u0435 \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u0441 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f \u0445\u0430\u043a\u0435\u0440\u044b Volt Typhoon \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0432\u0437\u043b\u0430\u043c\u044b\u0432\u0430\u044e\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u0410\u0437\u0438\u0438 \u0438 \u0441\u043e\u0437\u0434\u0430\u044e\u0442 \u043d\u043e\u0432\u0443\u044e \u0441\u0435\u0442\u044c \u0437\u0430\u0440\u0430\u0436\u0451\u043d\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432. \u041e\u0441\u043d\u043e\u0432\u043d\u0430\u044f \u0446\u0435\u043b\u044c \u2014 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Cisco RV320/325 \u0438 Netgear ProSafe. \u0417\u0430 37 \u0434\u043d\u0435\u0439 Volt Typhoon \u0441\u043c\u043e\u0433\u043b\u0430 \u0437\u0430\u0440\u0430\u0437\u0438\u0442\u044c \u043f\u043e\u0447\u0442\u0438 30% \u0432\u0441\u0435\u0445 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0432 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco RV320/325. \u042d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u043e\u043a\u0430 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u0442\u043e\u0447\u043d\u043e \u0441\u043a\u0430\u0437\u0430\u0442\u044c, \u043a\u0430\u043a\u0438\u0435 \u0438\u043c\u0435\u043d\u043d\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f, \u043d\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442, \u0447\u0442\u043e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 \u0442\u043e\u043c, \u0447\u0442\u043e \u0434\u043b\u044f \u0443\u0441\u0442\u0430\u0440\u0435\u0432\u0448\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0431\u043e\u043b\u044c\u0448\u0435 \u043d\u0435\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2025-01-23T10:49:40.000000Z"}, {"uuid": "f2c30e8e-1d14-49f0-9513-213b90ac994e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/47500", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aEsse script explora a vulnerabilidade CVE-2025-20124 \u2014 uma falha de Java Deserialization no Cisco ISE (Identity Services Engine) que permite Remote Code Execution (RCE).\nURL\uff1ahttps://github.com/137f/Cisco-ISE-3.0---Remote-Code-Execution-RCE-\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-08-12T22:35:48.000000Z"}, {"uuid": "091fda74-9115-4969-ad8a-21ed04c8bbb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20127", "type": "seen", "source": "https://t.me/true_secator/7332", "content": "Cisco \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0431\u043e\u043b\u0435\u0435 20 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043e\u0431\u043d\u043e\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0437\u0430 \u0430\u0432\u0433\u0443\u0441\u0442 2025 \u0433\u043e\u0434\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Secure Firewall Management Center (FMC), Secure Firewall Threat Defense (FTD) \u0438 Secure Firewall Adaptive Security Appliance (ASA).\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2025-20265 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 10,0) \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Secure FMC, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u0443\u044e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco FTD \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u044b RADIUS, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442\u0441\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u044d\u0442\u0430\u043f\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u0438 \u0432\u0432\u043e\u0434\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u043e\u0445\u043e\u0434\u044f\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u043d\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 RADIUS.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\n\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Secure FMC \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u043d\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e RADIUS \u0434\u043b\u044f \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f SSH \u0438\u043b\u0438 \u043e\u0431\u043e\u0438\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Secure FMC Software 7.0.7 \u0438 7.7.0, \u0435\u0441\u043b\u0438 \u0432 \u043d\u0438\u0445 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f RADIUS.\n\n\u041e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439, \u043a\u0440\u043e\u043c\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439, \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.\n\n\u041f\u043e\u043c\u0438\u043c\u043e CVE-2025-20265 Cisco \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0440\u044f\u0434 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a:\n\n- CVE-2025-20217\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Snort 3 \u0432 Secure Firewall Threat Defense.\n\n- CVE-2025-20222\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c IPv6 \u0447\u0435\u0440\u0435\u0437 IPsec \u0432 Secure Firewall \u0438 Secure Firewall \u0434\u043b\u044f Firepower \u0441\u0435\u0440\u0438\u0438 2100.\n\n- CVE-2025-20224, CVE-2025-20225, CVE-2025-20239\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 IKEv2 \u0432 IOS, IOS XE, Secure Firewall Adaptive Security Appliance \u0438 Secure Firewall Threat Defense Software.\n\n- CVE-2025-20133, CVE-2025-20243\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 SSL VPN \u0434\u043b\u044f Secure Firewall \u0438 Secure Firewall.\n\n- CVE-2025-20134\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SSL/TLS-\u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 \u0432 Secure Firewall \u0438 Secure Firewall Threat Defense.\n\n- CVE-2025-20136\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 DNS \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0430\u0434\u0440\u0435\u0441\u043e\u0432 Secure Firewall Adaptive Security Appliance \u0438 Secure Firewall Threat Defense.\n\n- CVE-2025-20263\u00a0(CVSS: 8,6): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0430\u0437\u043e\u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 Secure Firewall Adaptive Security Appliance \u0438 Secure Firewall Threat Defense Software.\n\n- CVE-2025-20148\u00a0(CVSS: 8,5): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c HTML-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 Secure Firewall Management Center.\n\n- CVE-2025-20251\u00a0(CVSS: 8,5): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VPN-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 VPN \u0432 Secure Firewall \u0438 Secure Firewall Threat Defense.\n\n- CVE-2025-20127\u00a0(CVSS: 7,7): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f TLS 1.3 \u0442\u0438\u043f\u0430 DoS \u0432 Secure Firewall \u0438 Secure Firewall \u0434\u043b\u044f Firepower \u0441\u0435\u0440\u0438\u0439 3100 \u0438 4200.\n\n- CVE-2025-20244\u00a0(CVSS: 7,7): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 VPN \u0441 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0432 Secure Firewall Adaptive Security Appliance \u0438 Secure Firewall Threat Defense.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a, \u043f\u043e\u043a\u0430 \u043d\u0438 \u043e\u0434\u043d\u0430 \u0438\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u043d\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0430\u0441\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043d\u043e \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043e\u0441\u043e\u0431\u043e\u0435 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0435 \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u044f \u043a \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 - \u044d\u0442\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u043e\u0439\u0442\u0438.", "creation_timestamp": "2025-08-15T11:00:11.000000Z"}, {"uuid": "319556f7-b5df-4eb5-a09f-d96e58c7f77f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20129", "type": "published-proof-of-concept", "source": "https://t.me/kasperskyb2b/1765", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0431\u0430\u0433\u0438 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Cisco, \u0435\u0441\u0442\u044c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 PoC\n\n\u0412\u0447\u0435\u0440\u0430 Cisco \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0434\u0435\u0441\u044f\u0442\u044c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439 \u0438 \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0434\u0435\u0444\u0435\u043a\u0442\u044b \u0432 Identity Services Engine (ISE), Customer Collaboration Platform (CCP),  NDFC \u0438 Unified Communications. \u0414\u043b\u044f \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0431\u0430\u0433\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0439, \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d proof of concept, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 \u043d\u0443\u0436\u043d\u043e \u043f\u043e\u0442\u043e\u0440\u043e\u043f\u0438\u0442\u044c\u0441\u044f \u0441 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0432\u0430\u0436\u043d\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u0442\u044c CVE-2025-20286 \u0441 CVSS 9.9, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 Cisco ISE 3.1-3.4, \u0440\u0430\u0437\u0432\u0451\u0440\u043d\u0443\u0442\u044b\u0435 \u0432 AWS, Azure \u0438\u043b\u0438 OCI. \u0421\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0432 ISE, \u0440\u0430\u0437\u0432\u0451\u0440\u043d\u0443\u0442\u044b\u0445 \u0443 \u0440\u0430\u0437\u043d\u044b\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u043f\u0440\u0430\u0432\u0434\u0430, \u0434\u0435\u0444\u0435\u043a\u0442 \u043c\u043e\u0436\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u0442\u043e\u043b\u044c\u043a\u043e \u0435\u0441\u043b\u0438 \u0432 \u043e\u0431\u043b\u0430\u043a\u0435 \u0440\u0430\u0437\u0432\u0451\u0440\u043d\u0443\u0442 \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u0443\u0437\u0435\u043b \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f.\n\n\u0422\u0435\u043c, \u043a\u0442\u043e \u043d\u0435 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0442\u0447, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u044b \u043c\u0438\u0442\u0438\u0433\u0430\u0446\u0438\u0438 \u0432\u043f\u043b\u043e\u0442\u044c \u0434\u043e \u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0441\u0431\u0440\u043e\u0441\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a.\n\n\u0415\u0449\u0451 \u0434\u0432\u0430 \u0434\u0435\u0444\u0435\u043a\u0442\u0430 \u0441 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u043c PoC (\u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u043f\u043e\u043a\u0430 \u043d\u0435 \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u0430):\nCVE-2025-20130 (CVSS 4.9) \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Cisco ISE\nCVE-2025-20129 (CVSS 4.3) \u2014 \u0443\u0442\u0435\u0447\u043a\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438\u0437 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 Cisco Customer Collaboration Platform (\u0432 \u0434\u0435\u0432\u0438\u0447\u0435\u0441\u0442\u0432\u0435 SocialMiner).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e\u0441\u0442\u0438 \u0431\u0435\u0437 PoC:\nCVE-2025-20261 (CVSS 8.8) \u2014 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Cisco IMC \u0447\u0435\u0440\u0435\u0437 SSH\nCVE-2025-20163 (CVSS 8.7) \u2014 \u0441\u043f\u0443\u0444\u0438\u043d\u0433 \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0449\u0435\u043d\u0438\u0438 \u043a Nexus Dashboard Fabric \u0447\u0435\u0440\u0435\u0437 SSH.\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2025-06-05T14:01:48.000000Z"}, {"uuid": "b09acddf-f28c-4a3c-9bd9-996cc91df313", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20129", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/7105", "content": "Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u043a\u043e\u0434\u043e\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 Identity Services Engine (ISE) \u0438 Customer Collaboration Platform (CCP).\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0438\u0437 \u043d\u0438\u0445 \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a\u00a0CVE-2025-20286 \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u0430\u044f \u041a\u0435\u043d\u0442\u0430\u0440\u043e \u041a\u0430\u0432\u0430\u043d\u0435 \u0438\u0437 GMO Cybersecurity \u0432 Cisco ISE.\n\n\u041f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0435 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0435 \u0440\u0435\u0430\u043b\u0438\u0437\u0443\u0435\u0442 \u0441\u043e\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u0435 \u043f\u043e\u043b\u0438\u0442\u0438\u043a \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0432\u0430\u0435\u0442 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0435\u0447\u043d\u044b\u043c \u0442\u043e\u0447\u043a\u0430\u043c \u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0440\u0435\u0434\u0430\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0439 \u0433\u0435\u043d\u0435\u0440\u0430\u0446\u0438\u0435\u0439 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0438 Cisco ISE \u043d\u0430 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430\u0445 \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u043e\u0431\u0449\u0438\u0445 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0432 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043e\u0431\u043b\u0430\u0447\u043d\u044b\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f\u0445 Amazon Web Services (AWS), Microsoft Azure \u0438 Oracle Cloud Infrastructure (OCI) Cisco ISE \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442  \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u0430\u043d\u043d\u044b\u043c, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0435 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438, \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u043d\u044b\u0435 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 \u0438\u043b\u0438 \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u044c \u0440\u0430\u0431\u043e\u0442\u0443 \u0441\u043b\u0443\u0436\u0431 \u0432 \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445.\n\n\u041e\u0434\u043d\u0430\u043a\u043e, \u043a\u0430\u043a \u043f\u043e\u044f\u0441\u043d\u0438\u043b\u0438 \u0432 Cisco, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0443\u0441\u043f\u0435\u0448\u043d\u043e \u043f\u0440\u043e\u044d\u043a\u0443\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u043e\u0442 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u043a \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435, \u0435\u0441\u043b\u0438 \u0443\u0437\u0435\u043b \u043f\u0435\u0440\u0432\u0438\u0447\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u043d\u0443\u0442 \u0432 \u043e\u0431\u043b\u0430\u043a\u0435.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c Cisco PSIRT \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, \u0447\u0442\u043e \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d \u043a\u043e\u0434 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.\n\nCisco \u043e\u0442\u043c\u043a\u0435\u0442\u0438\u043b\u0430, \u0447\u0442\u043e \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f ISE \u043d\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0434\u043b\u044f \u0430\u0442\u0430\u043a:\n\n- \u0432\u0441\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0441 \u043b\u044e\u0431\u044b\u043c\u0438 \u0444\u043e\u0440\u043c-\u0444\u0430\u043a\u0442\u043e\u0440\u0430\u043c\u0438, \u0433\u0434\u0435 \u0430\u0440\u0442\u0435\u0444\u0430\u043a\u0442\u044b \u0443\u0441\u0442\u0430\u043d\u0430\u0432\u043b\u0438\u0432\u0430\u044e\u0442\u0441\u044f \u0438\u0437 \u0426\u0435\u043d\u0442\u0440\u0430 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u041f\u041e Cisco (ISO \u0438\u043b\u0438 OVA). \u042d\u0442\u043e \u0432\u043a\u043b\u044e\u0447\u0430\u0435\u0442 \u0432 \u0441\u0435\u0431\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0435 \u043c\u0430\u0448\u0438\u043d\u044b \u0441 \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u043c\u0438 \u0444\u043e\u0440\u043c-\u0444\u0430\u043a\u0442\u043e\u0440\u0430\u043c\u0438.\n- \u043d\u0430 Azure VMware (AVS)\n- \u043d\u0430 Google Cloud VMware Engine\n- \u0432 \u043e\u0431\u043b\u0430\u043a\u0435 VMware \u0432 AWS\n- \u0433\u0438\u0431\u0440\u0438\u0434\u043d\u044b\u0435 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f ISE \u0441\u043e \u0432\u0441\u0435\u043c\u0438 \u043f\u0435\u0440\u0441\u043e\u043d\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e, \u0430 \u0434\u0440\u0443\u0433\u0438\u0435 - \u0432 \u043e\u0431\u043b\u0430\u043a\u0435.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u044b \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u0443\u00a0application reset-config ise\u00a0\u043d\u0430 \u043e\u0431\u043b\u0430\u0447\u043d\u043e\u043c \u0443\u0437\u043b\u0435 Primary Administration Persona, \u0447\u0442\u043e\u0431\u044b \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043d\u0430 \u043d\u043e\u0432\u044b\u0435 \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430\u043c \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u043c\u043d\u0438\u0442\u044c, \u0447\u0442\u043e \u044d\u0442\u0430 \u043a\u043e\u043c\u0430\u043d\u0434\u0430 \u0432\u0435\u0440\u043d\u0435\u0442 Cisco ISE \u043a \u0437\u0430\u0432\u043e\u0434\u0441\u043a\u0438\u043c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u043c \u0438 \u0432\u043e\u0441\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0440\u0435\u0437\u0435\u0440\u0432\u043d\u044b\u0445 \u043a\u043e\u043f\u0438\u0439 \u0442\u0430\u043a\u0436\u0435 \u0432\u0435\u0440\u043d\u0435\u0442 \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435.\n\n\u0421\u0440\u0435\u0434\u0438 \u0434\u0432\u0443\u0445 \u0434\u0440\u0443\u0433\u0438\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c PoC - \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u0430\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0444\u0430\u0439\u043b\u0430 (CVE-2025-20130) \u0432 Cisco ISE \u0438 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 (CVE-2025-20129) \u0432 Cisco Customer Collaboration Platform (Cisco SocialMiner).", "creation_timestamp": "2025-06-05T11:57:18.000000Z"}, {"uuid": "381ad0d4-5728-4883-af4d-65ce5295af4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20120", "type": "seen", "source": "https://t.me/cvedetector/21902", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20120 - Cisco EPNM and Prime Infrastructure Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20120 \nPublished : April 2, 2025, 5:15 p.m. | 1\u00a0hour, 15\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device.  \n  \n This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T20:50:38.000000Z"}, {"uuid": "490e31aa-b105-42fd-a4f1-1c4d7ef5984f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://t.me/cvedetector/16133", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20128 - ClamAV OLE2 Denial of Service (DoS) Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20128 \nPublished : Jan. 22, 2025, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.  \n  \nThis vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.  \nFor a description of this vulnerability, see the .  \nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-22T18:54:41.000000Z"}, {"uuid": "190f35e0-0e9f-4804-b818-4ebe1bee4407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20126", "type": "seen", "source": "https://t.me/cvedetector/14688", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20126 - Cisco ThousandEyes Endpoint Agent for macOS and RoomOS Invalid Certificate Validation Certificate Forgery Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20126 \nPublished : Jan. 8, 2025, 4:15 p.m. | 43\u00a0minutes ago \nDescription : A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information.  \n  \nThis vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T18:19:06.000000Z"}, {"uuid": "cb2f9a2d-42c9-48a0-b0b1-c252c27f55a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://t.me/CyberBulletin/2267", "content": "\u26a1CVE-2025-20124 (CVSS 9.9) & CVE-2025-20125 (CVSS 9.1): Cisco Patches Critical Flaws in Identity Services Engine.\n\n#CyberBulletin", "creation_timestamp": "2025-02-06T12:53:55.000000Z"}, {"uuid": "bd0d736c-46d0-4111-844f-797998ec62f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20123", "type": "seen", "source": "https://t.me/cvedetector/14687", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20123 - Cisco Crosswork Network Controller Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2025-20123 \nPublished : Jan. 8, 2025, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Multiple vulnerabilities in the web-based management interface of Cisco Crosswork Network Controller could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users of the interface of an affected system.  \n  \nThese vulnerabilities exist because the web-based management interface does not properly validate user-supplied input. An attacker could exploit these vulnerabilities by inserting malicious data into specific data fields in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. To exploit these vulnerabilities, the attacker must have valid administrative credentials.  \nCisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T18:19:06.000000Z"}, {"uuid": "fd4ba1bf-cb59-468d-a444-dc128dab2983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://t.me/thehackernews/6296", "content": "\ud83d\uded1 Cisco just patched two critical vulnerabilities in Identity Services Engine (ISE) that could allow attackers to execute arbitrary commands and escalate privileges remotely. \n\n\u26a0\ufe0f CVE-2025-20124 & CVE-2025-20125 carry CVSS scores of 9.9 and 9.1.\n\nRead \u2014 https://thehackernews.com/2025/02/cisco-patches-critical-ise.html", "creation_timestamp": "2025-02-06T08:52:45.000000Z"}, {"uuid": "9533ce36-2a97-42ee-b552-00df12899b26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20123", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfakr4o7bj22", "content": "", "creation_timestamp": "2025-01-08T16:16:13.754346Z"}, {"uuid": "c6c33d83-88de-496c-a3da-65289f40f3cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20126", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfakr6v52325", "content": "", "creation_timestamp": "2025-01-08T16:16:16.059586Z"}, {"uuid": "36fecab3-2580-4583-8851-06ee70ac533c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20123", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfamb4giub2w", "content": "", "creation_timestamp": "2025-01-08T16:43:04.610956Z"}, {"uuid": "96b86945-a046-4657-8965-68e59d8439fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20126", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfamb5ieuq2r", "content": "", "creation_timestamp": "2025-01-08T16:43:08.540789Z"}, {"uuid": "1f9f92b1-993a-45da-bf38-43c8a257f235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://threatintel.cc/2025/02/06/critical-cisco-ise-vulnerabilities-patched.html", "content": "", "creation_timestamp": "2025-02-06T12:24:35.000000Z"}, {"uuid": "47a9a5d1-ff28-4eaa-9136-9c9aed573160", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://threatintel.cc/2025/02/07/ciscos-ise-bugs-could-allow.html", "content": "", "creation_timestamp": "2025-02-07T12:38:53.000000Z"}, {"uuid": "c8a76340-c552-4dee-a573-502740852df8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lhitlrcmdh27", "content": "", "creation_timestamp": "2025-02-06T10:05:59.596627Z"}, {"uuid": "826be47b-dfe6-4be0-b20d-5a57bb3665f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lhitlrcmdh27", "content": "", "creation_timestamp": "2025-02-06T10:05:59.681102Z"}, {"uuid": "1cc3eb59-3768-417f-9304-44a36b188992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lghapfeksr2a", "content": "", "creation_timestamp": "2025-01-24T01:30:09.390541Z"}, {"uuid": "228bfbb5-755a-4c7d-9058-e3e2df705822", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3lhiuc3heds2i", "content": "", "creation_timestamp": "2025-02-06T10:18:28.507134Z"}, {"uuid": "d9a3d23e-13da-436a-8734-081eb127f358", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3lhiuc3heds2i", "content": "", "creation_timestamp": "2025-02-06T10:18:28.575839Z"}, {"uuid": "3526c8c1-0684-4204-83cb-daf8319e13d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://bsky.app/profile/youranonriots.bsky.social/post/3lhjvdb2l3k2z", "content": "", "creation_timestamp": "2025-02-06T20:09:42.479156Z"}, {"uuid": "b49e45f4-140a-4ac5-b500-ca2e4153a49f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lhjnbvplus2b", "content": "", "creation_timestamp": "2025-02-06T17:45:58.881298Z"}, {"uuid": "227037fc-3eaf-486f-bfa2-9542e960ff43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://bsky.app/profile/aakl.bsky.social/post/3lhjnbvplus2b", "content": "", "creation_timestamp": "2025-02-06T17:45:58.947344Z"}, {"uuid": "d43aeddd-082a-491c-8111-89b57d92034a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lhj7bqkfx42k", "content": "", "creation_timestamp": "2025-02-06T13:35:08.558234Z"}, {"uuid": "e17a9510-0afa-48a0-a9a7-1ea4a103992b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3lhj7bqkfx42k", "content": "", "creation_timestamp": "2025-02-06T13:35:08.621620Z"}, {"uuid": "76e2da8b-3c3e-4a97-9e98-a6ec8641e05b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lhi5rhh25k2h", "content": "", "creation_timestamp": "2025-02-06T03:35:32.285133Z"}, {"uuid": "3982e277-068d-4d44-a9ba-68f272f50487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lhi5rhh25k2h", "content": "", "creation_timestamp": "2025-02-06T03:35:32.391274Z"}, {"uuid": "0623c92c-8cd4-4203-84ed-77ec49aaadbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113952194402567067", "content": "", "creation_timestamp": "2025-02-05T16:21:38.217339Z"}, {"uuid": "3efddf4e-36f9-4e7d-a09d-7703b27bab70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://thehackernews.com/2025/02/cisco-patches-critical-ise.html", "content": "", "creation_timestamp": "2025-02-06T06:40:00.000000Z"}, {"uuid": "3b9921b0-8799-4458-a3da-7af522a52029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhh35fcirc2t", "content": "", "creation_timestamp": "2025-02-05T17:15:47.267516Z"}, {"uuid": "d1dbb621-ec80-4770-9024-e13a9ee517eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lhjhl6n4sy2h", "content": "", "creation_timestamp": "2025-02-06T16:03:34.958201Z"}, {"uuid": "9af3961b-d056-4bf3-b67d-81c0af988de4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lhjpv6i5ul2o", "content": "", "creation_timestamp": "2025-02-06T18:32:19.521091Z"}, {"uuid": "9abcfa79-953e-4584-9f80-350d9da684eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lhjpv6zenl2o", "content": "", "creation_timestamp": "2025-02-06T18:32:20.306035Z"}, {"uuid": "ad083f92-4a92-4770-8b79-4946f7947a33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://threatintel.cc/2025/02/07/ciscos-ise-bugs-could-allow.html", "content": "", "creation_timestamp": "2025-02-07T12:38:53.000000Z"}, {"uuid": "b91370bb-d1a5-4cec-8bef-d80f01ff5818", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/113895132098276575", "content": "", "creation_timestamp": "2025-01-26T14:29:59.628033Z"}, {"uuid": "11810ddb-d5c6-46b1-a777-ab5f1da8dd81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://threatintel.cc/2025/01/23/cisco-warns-of-denial-of.html", "content": "", "creation_timestamp": "2025-01-23T13:23:02.000000Z"}, {"uuid": "b10aed6c-804f-42e4-bae8-15d3800597ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhhesoeubz2z", "content": "", "creation_timestamp": "2025-02-05T20:08:45.272349Z"}, {"uuid": "891b3cfe-2279-4753-8b27-defe8e1bab01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhhesoi7us2w", "content": "", "creation_timestamp": "2025-02-05T20:08:45.913927Z"}, {"uuid": "f6b63993-36ad-4f27-9206-d1045fc1ad00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113872897424390072", "content": "", "creation_timestamp": "2025-01-22T16:15:22.743866Z"}, {"uuid": "07113bff-3cc9-46a2-a7bb-0847a2932479", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgdumby25a2x", "content": "", "creation_timestamp": "2025-01-22T17:15:39.728083Z"}, {"uuid": "08018f16-7651-4c09-88a2-42e8f6472112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20128", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lge5j7gz222g", "content": "", "creation_timestamp": "2025-01-22T19:55:06.788903Z"}, {"uuid": "f6e04bb8-3027-4970-b842-68099b966989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2012", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-119/", "content": "", "creation_timestamp": "2025-03-10T04:00:00.000000Z"}, {"uuid": "234f272a-a689-4d38-b224-70d7d3b1d6fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "cve-2025-2012", "type": "seen", "source": "https://bsky.app/profile/intelrob.bsky.social/post/3lmqdm6lzvc2q", "content": "", "creation_timestamp": "2025-04-14T00:47:09.164858Z"}, {"uuid": "be9d607b-b91f-4803-9106-95c9263ce776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lw54pe3wcn2n", "content": "", "creation_timestamp": "2025-08-11T15:35:01.438709Z"}, {"uuid": "501369ac-c2c5-42d9-a13c-7bf1d21c52cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lw54pzjns22a", "content": "", "creation_timestamp": "2025-08-11T15:35:23.083755Z"}, {"uuid": "7ddcc78b-8d37-4053-a6be-572eb1cc1ada", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lw54qfuog52r", "content": "", "creation_timestamp": "2025-08-11T15:35:36.817475Z"}, {"uuid": "886e1d48-9dab-4ec8-ab23-9c031df47f46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwa7hpnbrb2p", "content": "", "creation_timestamp": "2025-08-12T21:02:29.261305Z"}, {"uuid": "df7ef120-4848-40be-bdaa-5f9797ae9570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwa7hppsno25", "content": "", "creation_timestamp": "2025-08-12T21:02:29.812114Z"}, {"uuid": "16eb4e8c-6627-4a72-8aca-288d1236ca48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "published-proof-of-concept", "source": "Telegram/wFoDPO2juTetScN1lMUJrga6MvbS0jfuEP5RLYRBlBKL1Xg", "content": "", "creation_timestamp": "2025-06-16T15:00:08.000000Z"}, {"uuid": "c3af1440-2492-4b95-b593-882b2fdc846d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20125", "type": "published-proof-of-concept", "source": "Telegram/wFoDPO2juTetScN1lMUJrga6MvbS0jfuEP5RLYRBlBKL1Xg", "content": "", "creation_timestamp": "2025-06-16T15:00:08.000000Z"}, {"uuid": "24f599b0-127c-489f-98c4-dbca45a1457b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20129", "type": "seen", "source": "https://t.me/ViralCyber/14217", "content": "\u0627\u0634\u06a9\u0627\u0644\u0627\u062a \u0628\u062d\u0631\u0627\u0646\u06cc \u062f\u0631 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0633\u06cc\u0633\u06a9\u0648\u060c \u06cc\u06a9 \u0627\u062b\u0628\u0627\u062a \u0645\u0641\u0647\u0648\u0645\u06cc \u0639\u0645\u0648\u0645\u06cc \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f\n\n\u0633\u06cc\u0633\u06a9\u0648 \u062f\u06cc\u0631\u0648\u0632 \u062f\u0647 \u0628\u0648\u0644\u062a\u0646 \u0645\u0646\u062a\u0634\u0631 \u06a9\u0631\u062f \u0648 \u0646\u0642\u0635\u200c\u0647\u0627\u06cc \u0645\u0648\u062c\u0648\u062f \u062f\u0631 \u0645\u0648\u062a\u0648\u0631 \u062e\u062f\u0645\u0627\u062a \u0647\u0648\u06cc\u062a (ISE)\u060c \u067e\u0644\u062a\u0641\u0631\u0645 \u0647\u0645\u06a9\u0627\u0631\u06cc \u0645\u0634\u062a\u0631\u06cc (CCP)\u060c NDFC \u0648 \u0627\u0631\u062a\u0628\u0627\u0637\u0627\u062a \u06cc\u06a9\u067e\u0627\u0631\u0686\u0647 \u0631\u0627 \u0628\u0631\u0637\u0631\u0641 \u06a9\u0631\u062f. \u0627\u062b\u0628\u0627\u062a \u0627\u062f\u0639\u0627 \u0628\u0631\u0627\u06cc \u0628\u0631\u062e\u06cc \u0627\u0632 \u0627\u0634\u06a9\u0627\u0644\u0627\u062a\u060c \u0627\u0632 \u062c\u0645\u0644\u0647 \u06cc\u06a9 \u0645\u0648\u0631\u062f \u0628\u062d\u0631\u0627\u0646\u06cc\u060c \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0627\u0633\u062a\u060c \u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0645\u062f\u06cc\u0631\u0627\u0646 \u0645\u062d\u0635\u0648\u0644\u0627\u062a \u0622\u0633\u06cc\u0628\u200c\u062f\u06cc\u062f\u0647 \u0628\u0627\u06cc\u062f \u0639\u062c\u0644\u0647 \u06a9\u0646\u0646\u062f \u0648 \u0628\u0647\u200c\u0631\u0648\u0632\u0631\u0633\u0627\u0646\u06cc \u0627\u0646\u062c\u0627\u0645 \u062f\u0647\u0646\u062f.\n\n\u0645\u0647\u0645\u200c\u062a\u0631\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u06a9\u0647 \u0628\u0627\u06cc\u062f \u0628\u0631\u0637\u0631\u0641 \u0634\u0648\u062f \u060c CVE-2025-20286 \u0628\u0627 CVSS 9.9 \u0627\u0633\u062a \u06a9\u0647 Cisco ISE 3.1-3.4 \u0645\u0633\u062a\u0642\u0631 \u062f\u0631 AWS\u060c Azure \u06cc\u0627 OCI \u0631\u0627 \u062a\u062d\u062a \u062a\u0623\u062b\u06cc\u0631 \u0642\u0631\u0627\u0631 \u0645\u06cc\u200c\u062f\u0647\u062f. \u0627\u0639\u062a\u0628\u0627\u0631\u0646\u0627\u0645\u0647\u200c\u0647\u0627\u06cc \u0627\u0633\u062a\u0627\u062a\u06cc\u06a9 \u0631\u0627 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646 \u062f\u0631 ISE\u0647\u0627\u06cc \u0645\u0633\u062a\u0642\u0631 \u0628\u0631\u0627\u06cc \u0645\u0634\u062a\u0631\u06cc\u0627\u0646 \u0645\u062e\u062a\u0644\u0641 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0631\u062f\u060c \u0627\u06af\u0631\u0686\u0647 \u0627\u06cc\u0646 \u0646\u0642\u0635 \u0641\u0642\u0637 \u062f\u0631 \u0635\u0648\u0631\u062a\u06cc \u0642\u0627\u0628\u0644 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0633\u062a \u06a9\u0647 \u06af\u0631\u0647 \u0627\u062f\u0645\u06cc\u0646 \u0627\u0635\u0644\u06cc \u062f\u0631 \u0627\u0628\u0631 \u0645\u0633\u062a\u0642\u0631 \u0628\u0627\u0634\u062f.\n\n\u0628\u0631\u0627\u06cc \u06a9\u0633\u0627\u0646\u06cc \u06a9\u0647 \u0646\u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u0646\u062f \u0648\u0635\u0644\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0631\u0627 \u0627\u0639\u0645\u0627\u0644 \u06a9\u0646\u0646\u062f\u060c \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u067e\u06cc\u0634\u06af\u06cc\u0631\u0627\u0646\u0647 \u0627\u0632 \u062c\u0645\u0644\u0647 \u062a\u0646\u0638\u06cc\u0645 \u0645\u062c\u062f\u062f \u06a9\u0627\u0645\u0644 \u062a\u0646\u0638\u06cc\u0645\u0627\u062a \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc\u200c\u0634\u0648\u062f.\n\n\u062f\u0648 \u0646\u0642\u0635 \u062f\u06cc\u06af\u0631 \u0628\u0627 \u0627\u062b\u0628\u0627\u062a \u0627\u062f\u0639\u0627\u06cc \u0639\u0645\u0648\u0645\u06cc (\u0647\u0646\u0648\u0632 \u0647\u06cc\u0686 \u0633\u0648\u0621\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u062e\u0631\u0628\u06cc \u0645\u0634\u0627\u0647\u062f\u0647 \u0646\u0634\u062f\u0647 \u0627\u0633\u062a):\nCVE-2025-20130 (CVSS 4.9) - \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0622\u067e\u0644\u0648\u062f \u0641\u0627\u06cc\u0644 \u062f\u0644\u062e\u0648\u0627\u0647 \u062f\u0631 \u062f\u0633\u062a\u06af\u0627\u0647\u200c\u0647\u0627\u06cc Cisco ISE\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc CVE-2025-20129 (CVSS 4.3) \u06cc\u06a9 \u0646\u0634\u062a \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0627\u0632 \u067e\u0644\u062a\u0641\u0631\u0645 \u0647\u0645\u06a9\u0627\u0631\u06cc \u0645\u0634\u062a\u0631\u06cc \u0633\u06cc\u0633\u06a9\u0648 (\u06a9\u0647 \u0642\u0628\u0644\u0627\u064b SocialMiner \u0646\u0627\u0645 \u062f\u0627\u0634\u062a) \u0627\u0633\u062a.\n\n\u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc \u0628\u0627 \u0634\u062f\u062a \u0628\u0627\u0644\u0627 \u0628\u062f\u0648\u0646 \u0627\u062b\u0628\u0627\u062a \u0645\u0641\u0647\u0648\u0645\u06cc:\nCVE-2025-20261 (CVSS 8.8) - \u0627\u0641\u0632\u0627\u06cc\u0634 \u0627\u0645\u062a\u06cc\u0627\u0632 Cisco IMC \u0627\u0632 \u0637\u0631\u06cc\u0642 SSH\nCVE-2025-20163 (CVSS 8.7) - \u062c\u0639\u0644 \u0647\u0648\u06cc\u062a \u0647\u0646\u06af\u0627\u0645 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 Nexus Dashboard Fabric \u0627\u0632 \u0637\u0631\u06cc\u0642 SSH.\n\n\n\u00a0\ud83d\udc6e\u200d\u2640\ufe0f\ud83d\udc6e\u200d\u2640\ufe0f \u0628\u0627\u0632\u0646\u0634\u0631 \u0645\u0637\u0627\u0644\u0628 \u0627\u06cc\u0646 \u06a9\u0627\u0646\u0627\u0644 \u0635\u0631\u0641\u0627 \u0628\u0627 \u0630\u06a9\u0631 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u06a9\u0627\u0645\u0644 \u06a9\u0627\u0646\u0627\u0644 \u0645\u062c\u0627\u0632 \u0645\u06cc\u0628\u0627\u0634\u062f.\n\n\ud83e\udd81\u00ab\u06a9\u062a\u0627\u0633\u00bb\n\u200fhttp://t.me/ict_security", "creation_timestamp": "2025-06-14T08:13:36.000000Z"}, {"uuid": "f4def33c-7c82-4a8f-8148-c11bdd63b0f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "published-proof-of-concept", "source": "Telegram/qrqNXy-LFnDqpCptstXdyMweXak-lAcnoZbxdT5gTxXk4Dg", "content": "", "creation_timestamp": "2025-08-13T09:00:04.000000Z"}, {"uuid": "fff34079-2889-495f-a3ac-4ffac3319f98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20120", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10119", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20120\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager (EPNM) and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface on an affected device.\n This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.\n\ud83d\udccf Published: 2025-04-02T16:16:54.694Z\n\ud83d\udccf Modified: 2025-04-02T16:16:54.694Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-epnmpi-sxss-GSScPGY4", "creation_timestamp": "2025-04-02T16:34:52.000000Z"}, {"uuid": "d06f8526-b2de-4d45-a522-674cb2b096e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20122", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15469", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20122\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could allow an authenticated, local attacker to gain privileges of the root user on the underlying operating system.\n\nThis vulnerability is due to insufficient input validation. An authenticated attacker with read-only privileges on the SD-WAN Manager system could exploit this vulnerability by sending a crafted request to the CLI of the SD-WAN Manager. A successful exploit could allow the attacker to gain root privileges on the underlying operating system.\n\ud83d\udccf Published: 2025-05-07T17:18:27.333Z\n\ud83d\udccf Modified: 2025-05-08T03:56:28.948Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-priviesc-WCk7bmmt", "creation_timestamp": "2025-05-08T04:22:55.000000Z"}, {"uuid": "17be83d6-0af3-4ea3-bfe7-34f14eb1b170", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/1008", "content": "\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u067e\u06cc\u0627\u062f\u0647\u200c\u0633\u0627\u0632\u06cc API Cisco Identity Services Engine (ISE) \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0646\u0642\u0635 \u062f\u0631 \u0645\u06a9\u0627\u0646\u06cc\u0633\u0645 deserialization \u062f\u0627\u062f\u0647\u200c\u0647\u0627 \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f. \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u06cc\u06a9 \u0634\u06cc \u062c\u0627\u0648\u0627 \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u062e\u0627\u0635 \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\nBDU: 2025-01234\nCVE-2025-20124\n\n\u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06cc\u06a9 \u0644\u06cc\u0633\u062a \"\u0633\u0641\u06cc\u062f\" \u0627\u0632 \u0622\u062f\u0631\u0633 \u0647\u0627\u06cc IP \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 API.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc SIEM \u0628\u0631\u0627\u06cc \u0631\u062f\u06cc\u0627\u0628\u06cc \u062a\u0644\u0627\u0634 \u0647\u0627 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0647\u0627.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0635\u0648\u0635\u06cc \u0645\u062c\u0627\u0632\u06cc \u0628\u0631\u0627\u06cc \u0633\u0627\u0632\u0645\u0627\u0646\u062f\u0647\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 (VPN).\n\n\u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-multivuls-FTW9AOXF\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2025-02-08T17:14:15.000000Z"}, {"uuid": "e5d320c5-0186-410a-bcce-c8a3b5227e78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20124", "type": "seen", "source": "Telegram/KEi_lKEtMjPOFRc2zONzU7Tg6JqTdI8xQl4JVMWuD74buA", "content": "", "creation_timestamp": "2025-02-06T11:55:31.000000Z"}]}