{"vulnerability": "CVE-2025-2014", "sightings": [{"uuid": "c944582f-be49-40c1-8797-f11413d9557d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20142", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114150716950392585", "content": "", "creation_timestamp": "2025-03-12T17:48:32.027778Z"}, {"uuid": "0b32b6ef-88f8-4b82-98ca-f63b49d281ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20146", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114150716991392661", "content": "", "creation_timestamp": "2025-03-12T17:48:33.143968Z"}, {"uuid": "5778706e-5921-430d-9b5b-2c8b2e70a980", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20145", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lk7cpu3z2526", "content": "", "creation_timestamp": "2025-03-12T19:25:39.957622Z"}, {"uuid": "87103e30-59c3-4fde-aae5-282954a6c5d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20149", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1645", "content": "", "creation_timestamp": "2025-09-25T04:00:00.000000Z"}, {"uuid": "b35e530a-8fce-4039-b73a-5b1299739e8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20149", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuuksia-cisco-ios-ja-ios-xe-laitteissa", "content": "", "creation_timestamp": "2025-09-26T08:27:34.000000Z"}, {"uuid": "5fb3bd7a-53ef-4bc2-8b40-67c352629990", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20141", "type": "seen", "source": "https://t.me/cvedetector/20164", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20141 - Cisco IOS XR Route Processor Linux Stack Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20141 \nPublished : March 12, 2025, 4:15 p.m. | 2\u00a0hours, 58\u00a0minutes ago \nDescription : A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms.\u00a0  \n  \nThis vulnerability is due to incorrect handling of packets that are punted to the route processor. An attacker could exploit this vulnerability by sending traffic, which must be handled by the Linux stack on the route processor, to an affected device. A successful exploit could allow the attacker to cause control plane traffic to stop working, resulting in a denial of service (DoS) condition. \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-12T20:23:18.000000Z"}, {"uuid": "f26f7805-26a5-4f47-a6e2-6224032f52fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20145", "type": "seen", "source": "https://t.me/cvedetector/20160", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20145 - Cisco IOS XR Software ACL Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-20145 \nPublished : March 12, 2025, 4:15 p.m. | 2\u00a0hours, 58\u00a0minutes ago \nDescription : A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.  \n  \nThis vulnerability exists because certain packets are handled incorrectly when they are received on an ingress interface on one line card and destined out of an egress interface on another line card where the egress ACL is configured. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an egress ACL on the affected device.  \nFor more information about this vulnerability, see the  section of this advisory.  \nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-12T20:23:11.000000Z"}, {"uuid": "25fa3602-0b3d-41f8-94e9-5628abb061ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20142", "type": "seen", "source": "https://t.me/cvedetector/20165", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20142 - \"Cisco ASR 9000 Series IPv4 ACL and QoS Policy Remote Denial of Service Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-20142 \nPublished : March 12, 2025, 4:15 p.m. | 2\u00a0hours, 58\u00a0minutes ago \nDescription : A vulnerability in the IPv4 access control list (ACL) feature and quality of service (QoS) policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition.  \n  \nThis vulnerability is due to the incorrect handling of malformed IPv4 packets that are received on line cards where the interface has either an IPv4 ACL or QoS policy applied. An attacker could exploit this vulnerability by sending crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to cause network processor errors, resulting in a reset or shutdown of the network process. Traffic over that line card would be lost while the line card reloads.  \nNote: This vulnerability has predominantly been observed in Layer 2 VPN (L2VPN) environments where an IPv4 ACL or QoS policy has been applied to the bridge virtual interface. Layer 3 configurations where the interface has either an IPv4 ACL or QoS policy applied are also affected, though the vulnerability has not been observed. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-12T20:23:19.000000Z"}, {"uuid": "a46039f1-a3d8-4e34-a679-676dbd129c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20146", "type": "seen", "source": "https://t.me/cvedetector/20154", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20146 - \"Cisco ASR 9000 Series and ASR 9900 Series IPv4 Multicast Denial of Service Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-20146 \nPublished : March 12, 2025, 4:15 p.m. | 2\u00a0hours, 58\u00a0minutes ago \nDescription : A vulnerability in the Layer 3 multicast feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition.  \n  \nThis vulnerability is due to the incorrect handling of malformed IPv4 multicast packets that are received on line cards where the interface has either an IPv4 access control list (ACL) or a QoS policy applied. An attacker could exploit this vulnerability by sending crafted IPv4 multicast packets through an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset. Traffic over that line card would be lost while the line card reloads. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-12T20:23:04.000000Z"}, {"uuid": "9955bb0f-1d4a-4305-9562-f9a71e0c8764", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20143", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7398", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20143\n\ud83d\udd25 CVSS Score: 6.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device.\n\nThis vulnerability is due to insufficient verification of modules in the software load process. An attacker could exploit this vulnerability by manipulating the loaded binaries to bypass some of the integrity checks that are performed during the booting process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass the requirement to run Cisco-signed images or alter the security properties of the running system.\nNote: This vulnerability affects Cisco IOS XR Software, not the Secure Boot feature.\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\ud83d\udccf Published: 2025-03-12T16:12:31.135Z\n\ud83d\udccf Modified: 2025-03-13T03:55:21.097Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-lkm-zNErZjbZ\n2. https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/", "creation_timestamp": "2025-03-13T04:42:13.000000Z"}, {"uuid": "2f5ec203-b5eb-4b6f-ab1d-6ad802b7d50a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20141", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8451", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20141\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)\n\ud83d\udd39 Description: A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms. \n\nThis vulnerability is due to incorrect handling of packets that are punted to the route processor. An attacker could exploit this vulnerability by sending traffic, which must be handled by the Linux stack on the route processor, to an affected device. A successful exploit could allow the attacker to cause control plane traffic to stop working, resulting in a denial of service (DoS) condition.\n\ud83d\udccf Published: 2025-03-12T16:12:15.494Z\n\ud83d\udccf Modified: 2025-03-21T20:35:20.642Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr792-bWfVDPY\n2. https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/", "creation_timestamp": "2025-03-21T21:22:13.000000Z"}, {"uuid": "3526c9ed-c1a3-46b9-8de6-2ad53a7bbc23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20144", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8453", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20144\n\ud83d\udd25 CVSS Score: 4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N)\n\ud83d\udd39 Description: A vulnerability in the hybrid access control list (ACL) processing of IPv4 packets in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.\n\nThis vulnerability is due to incorrect handling of packets when a specific configuration of the hybrid ACL exists. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass a configured ACL on the affected device.\nFor more information, see the  section of this advisory.\nCisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.\n\ud83d\udccf Published: 2025-03-12T16:12:39.882Z\n\ud83d\udccf Modified: 2025-03-21T20:33:28.254Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs-hybridacl-crMZFfKQ\n2. https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/", "creation_timestamp": "2025-03-21T21:22:15.000000Z"}, {"uuid": "71ada406-a780-4077-b903-d63139282839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20142", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8452", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20142\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)\n\ud83d\udd39 Description: A vulnerability in the IPv4 access control list (ACL) feature and quality of service (QoS) policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition.\n\nThis vulnerability is due to the incorrect handling of malformed IPv4 packets that are received on line cards where the interface has either an IPv4 ACL or QoS policy applied. An attacker could exploit this vulnerability by sending crafted IPv4 packets through an affected device. A successful exploit could allow the attacker to cause network processor errors, resulting in a reset or shutdown of the network process. Traffic over that line card would be lost while the line card reloads.\nNote: This vulnerability has predominantly been observed in Layer 2 VPN (L2VPN) environments where an IPv4 ACL or QoS policy has been applied to the bridge virtual interface. Layer 3 configurations where the interface has either an IPv4 ACL or QoS policy applied are also affected, though the vulnerability has not been observed.\n\ud83d\udccf Published: 2025-03-12T16:12:23.126Z\n\ud83d\udccf Modified: 2025-03-21T20:34:33.919Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipv4uni-LfM3cfBu\n2. https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/", "creation_timestamp": "2025-03-21T21:22:14.000000Z"}, {"uuid": "446a3099-c8b4-4ba1-9eb4-b36ce9c39802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20145", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8454", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20145\n\ud83d\udd25 CVSS Score: 5.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N)\n\ud83d\udd39 Description: A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL.\n\nThis vulnerability exists because certain packets are handled incorrectly when they are received on an ingress interface on one line card and destined out of an egress interface on another line card where the egress ACL is configured. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an egress ACL on the affected device.\nFor more information about this vulnerability, see the  section of this advisory.\nCisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.\n\ud83d\udccf Published: 2025-03-12T16:12:48.668Z\n\ud83d\udccf Modified: 2025-03-21T20:32:32.526Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm\n2. https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/", "creation_timestamp": "2025-03-21T21:22:19.000000Z"}, {"uuid": "8d023d49-0fac-4f46-b3d1-c909c819cd0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20149", "type": "exploited", "source": "https://t.me/true_secator/7459", "content": "Cisco \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 0-day \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 Cisco IOS \u0438 IOS XE, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432 \u043d\u0430\u0441\u0442\u043e\u044f\u0449\u0435\u0435 \u0432\u0440\u0435\u043c\u044f \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u0443\u0435\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2025-20352, \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u043d\u0430 \u0431\u0430\u0437\u0435 \u0441\u0442\u0435\u043a\u0430 \u0432 \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043f\u0440\u043e\u0441\u0442\u043e\u0433\u043e \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f (SNMP) \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u041f\u041e, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044f \u0432\u0441\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u044b\u043c SNMP.\n\n\u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441 \u043d\u0438\u0437\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0434\u043b\u044f \u0432\u044b\u0437\u043e\u0432\u0430 DoS \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0431\u0435\u0437 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438, \u0441 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0442\u043e\u0440\u043e\u043d\u044b, \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u043c\u0438 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Cisco IOS XE, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0432 \u043a\u043e\u0434 \u043e\u0442 \u0438\u043c\u0435\u043d\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f root.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0432 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 SNMP-\u043f\u0430\u043a\u0435\u0442 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e \u043f\u043e \u0441\u0435\u0442\u044f\u043c IPv4 \u0438\u043b\u0438 IPv6.\n\nCisco PSIRT \u0441\u0442\u0430\u043b\u043e \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e \u043e\u0431 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0431\u044b\u043b\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u044b \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\nCisco \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u043f\u0435\u0440\u0435\u0439\u0442\u0438 \u043d\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u041f\u041e \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438. \u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043f\u043e\u043c\u0438\u043c\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0445 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442. \n\n\u0422\u0435\u043c \u043d\u0435 \u043c\u0435\u043d\u0435\u0435, \u0432 Cisco \u0442\u0430\u043a\u0436\u0435 \u0437\u0430\u044f\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043d\u0435 \u043c\u043e\u0433\u0443\u0442 \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u041f\u041e, \u043c\u043e\u0433\u0443\u0442 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0441\u043c\u044f\u0433\u0447\u0438\u0442\u044c \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f SNMP \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0434\u043b\u044f \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u043d\u0443\u043b\u044f Cisco \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 13 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u0432\u0435, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d PoC.\n\n\u041f\u0435\u0440\u0432\u0430\u044f \u0438\u0437 \u043d\u0438\u0445 - XSS \u0432 Cisco IOS XE, \u043e\u0442\u043c\u0435\u0447\u0435\u043d\u043d\u0430\u044f \u043a\u0430\u043a CVE-2025-20240, - \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c \u0434\u043b\u044f \u043a\u0440\u0430\u0436\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 cookie \u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432.\n\n\u0412\u0442\u043e\u0440\u0430\u044f, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2025-20149, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0442\u0438\u043f\u0430 DoS \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430.", "creation_timestamp": "2025-09-25T11:38:17.000000Z"}, {"uuid": "856110ff-70a8-4993-807a-01cca05838b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20142", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lketzw4zr22o", "content": "", "creation_timestamp": "2025-03-15T00:18:54.259278Z"}, {"uuid": "234d078d-b2c3-44aa-b93d-f578cffe594f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20146", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lketzw4zr22o", "content": "", "creation_timestamp": "2025-03-15T00:18:54.338947Z"}, {"uuid": "24e7f89c-d00c-4200-a993-47d8a84e8ed9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20143", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lk7cpuhzyn24", "content": "", "creation_timestamp": "2025-03-12T19:25:41.725764Z"}, {"uuid": "1a3751b3-1177-4f5f-9bf5-7ce1118a17ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20146", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7341", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20146\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)\n\ud83d\udd39 Description: A vulnerability in the Layer 3 multicast feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition.\n\nThis vulnerability is due to the incorrect handling of malformed IPv4 multicast packets that are received on line cards where the interface has either an IPv4 access control list (ACL) or a QoS policy applied. An attacker could exploit this vulnerability by sending crafted IPv4 multicast packets through an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset. Traffic over that line card would be lost while the line card reloads.\n\ud83d\udccf Published: 2025-03-12T16:12:56.245Z\n\ud83d\udccf Modified: 2025-03-12T16:12:56.245Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multicast-ERMrSvq7\n2. https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/", "creation_timestamp": "2025-03-12T16:41:22.000000Z"}, {"uuid": "bf35f692-d2ba-4af5-b996-b2537e2fab62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2014", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-115/", "content": "", "creation_timestamp": "2025-03-10T04:00:00.000000Z"}, {"uuid": "2ebd1960-42cd-46dc-8772-20145252a91f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20144", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114150904104711116", "content": "", "creation_timestamp": "2025-03-12T18:36:07.498863Z"}, {"uuid": "de32f966-e7f9-4634-9467-85c5b1ba9b3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20145", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114150955258795716", "content": "", "creation_timestamp": "2025-03-12T18:49:07.950597Z"}, {"uuid": "83879c84-f737-4665-8419-f02e6d086690", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20142", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "bfef53b4-41b4-45a7-9435-41968b249038", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20145", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "b2c41106-febd-462a-9dec-23df6c24ad95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20148", "type": "seen", "source": "https://t.me/kasperskyb2b/1864", "content": "\ud83e\udd2a Cisco Patch Thursday\n\nCisco \u0443\u0441\u0442\u0440\u043e\u0438\u043b\u0430 \u0449\u0435\u0434\u0440\u0443\u044e \u0430\u0444\u0442\u0435\u043f\u0430\u0442\u0438 \u043f\u043e\u0441\u043b\u0435 Patch Tuesday, \u0432\u044b\u043a\u0430\u0442\u0438\u0432 \u0432 \u0447\u0435\u0442\u0432\u0435\u0440\u0433 25 \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u0435\u0439, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 ASA, FTD IOS \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u043c\u0438 \u044d\u043a\u0440\u0430\u043d\u0430\u043c\u0438 \u0438 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c\u044e. \n\n\u041d\u0435\u0441\u043e\u043c\u043d\u0435\u043d\u043d\u043e\u0439 \u0437\u0432\u0435\u0437\u0434\u043e\u0439 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0441\u0442\u0430\u043b\u0430 CVE-2025-20265 \u0441 CVSS 10. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 Cisco Secure Firewall Management Center (FMC), \u043f\u0440\u0438 \u0443\u0441\u043b\u043e\u0432\u0438\u0438 \u0447\u0442\u043e \u0432 \u043d\u0451\u043c \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f \u043f\u043e RADIUS.  \u041d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439 \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u0437\u0430\u043f\u0440\u043e\u0441\u044b RADIUS-\u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u0438 \u0434\u043e\u0431\u0438\u0442\u044c\u0441\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438.\n\u0414\u0435\u0444\u0435\u043a\u0442\u0443 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0438 7.0.7 \u0438 7.7.0, \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c \u043d\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044f \u2014 \u0442\u043e\u043b\u044c\u043a\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f.\n\n\u0414\u0440\u0443\u0433\u0430\u044f \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0442\u043e\u043c \u0436\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0435, CVE-2025-20148, \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a HTML-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u044b, \u0441\u0433\u0435\u043d\u0435\u0440\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c, \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b \u0438\u0437 \u041e\u0421 \u0438 \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u044f\u0442\u044c \u0430\u0442\u0430\u043a\u0438 SSRF.\n\n\u0426\u0435\u043b\u044b\u0439 \u0431\u0443\u043a\u0435\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a DoS \u0432 FTD \u0438 ASA, \u0438\u0445 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0438\u043d\u0438\u0446\u0438\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439.\n\n#\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2025-08-14T18:01:28.000000Z"}, {"uuid": "39a2d14c-8b9d-4acf-a880-b1a1d7532881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-20148", "type": "seen", "source": "https://t.me/true_secator/7332", "content": "Cisco \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0431\u043e\u043b\u0435\u0435 20 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u043e \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043e\u0431\u043d\u043e\u0430\u0432\u043b\u0435\u043d\u0438\u0439 \u0437\u0430 \u0430\u0432\u0433\u0443\u0441\u0442 2025 \u0433\u043e\u0434\u0430 \u0434\u043b\u044f \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Secure Firewall Management Center (FMC), Secure Firewall Threat Defense (FTD) \u0438 Secure Firewall Adaptive Security Appliance (ASA).\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2025-20265 (\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 10,0) \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0443 Secure FMC, \u043f\u0440\u0435\u0434\u043d\u0430\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u0443\u044e \u0434\u043b\u044f \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Cisco FTD \u0438 \u0434\u0440\u0443\u0433\u0438\u0445 \u0440\u0435\u0448\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044e \u043f\u043e\u0434\u0441\u0438\u0441\u0442\u0435\u043c\u044b RADIUS, \u0447\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u043d\u0435\u0434\u0440\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u0431\u043e\u043b\u043e\u0447\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0442\u0441\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432\u043e\u0437\u043d\u0438\u043a\u0430\u0435\u0442 \u0438\u0437-\u0437\u0430 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f \u043d\u0430\u0434\u043b\u0435\u0436\u0430\u0449\u0435\u0439 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0430 \u044d\u0442\u0430\u043f\u0435 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0447\u0435\u0433\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0435 \u0432\u0445\u043e\u0434\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0440\u0438 \u0432\u0432\u043e\u0434\u0435 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u0440\u043e\u0445\u043e\u0434\u044f\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e \u043d\u0430 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u043d\u043e\u043c \u0441\u0435\u0440\u0432\u0435\u0440\u0435 RADIUS.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u0432\u044b\u0441\u043e\u043a\u0438\u043c \u0443\u0440\u043e\u0432\u043d\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439.\n\n\u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 Secure FMC \u0434\u043e\u043b\u0436\u0435\u043d \u0431\u044b\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d \u043d\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e RADIUS \u0434\u043b\u044f \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f SSH \u0438\u043b\u0438 \u043e\u0431\u043e\u0438\u0445.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0435\u0440\u0441\u0438\u0438 Secure FMC Software 7.0.7 \u0438 7.7.0, \u0435\u0441\u043b\u0438 \u0432 \u043d\u0438\u0445 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044f RADIUS.\n\n\u041e\u0431\u0445\u043e\u0434\u043d\u044b\u0445 \u043f\u0443\u0442\u0435\u0439, \u043a\u0440\u043e\u043c\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u043c\u044b\u0445 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439, \u043d\u0435 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.\n\n\u041f\u043e\u043c\u0438\u043c\u043e CVE-2025-20265 Cisco \u0442\u0430\u043a\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0440\u044f\u0434 \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a:\n\n- CVE-2025-20217\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Snort 3 \u0432 Secure Firewall Threat Defense.\n\n- CVE-2025-20222\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c IPv6 \u0447\u0435\u0440\u0435\u0437 IPsec \u0432 Secure Firewall \u0438 Secure Firewall \u0434\u043b\u044f Firepower \u0441\u0435\u0440\u0438\u0438 2100.\n\n- CVE-2025-20224, CVE-2025-20225, CVE-2025-20239\u00a0(\u043e\u0446\u0435\u043d\u043a\u0430 CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 IKEv2 \u0432 IOS, IOS XE, Secure Firewall Adaptive Security Appliance \u0438 Secure Firewall Threat Defense Software.\n\n- CVE-2025-20133, CVE-2025-20243\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 SSL VPN \u0434\u043b\u044f Secure Firewall \u0438 Secure Firewall.\n\n- CVE-2025-20134\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SSL/TLS-\u0441\u0435\u0440\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u0430 \u0432 Secure Firewall \u0438 Secure Firewall Threat Defense.\n\n- CVE-2025-20136\u00a0(CVSS: 8,6): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0440\u0438 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 DNS \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043f\u0440\u0435\u043e\u0431\u0440\u0430\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0430\u0434\u0440\u0435\u0441\u043e\u0432 Secure Firewall Adaptive Security Appliance \u0438 Secure Firewall Threat Defense.\n\n- CVE-2025-20263\u00a0(CVSS: 8,6): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0442\u043a\u0430\u0437\u043e\u0443\u0441\u0442\u043e\u0439\u0447\u0438\u0432\u043e\u0441\u0442\u0438 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0438\u0441\u043e\u0432 Secure Firewall Adaptive Security Appliance \u0438 Secure Firewall Threat Defense Software.\n\n- CVE-2025-20148\u00a0(CVSS: 8,5): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c HTML-\u0438\u043d\u044a\u0435\u043a\u0446\u0438\u0438 \u0432 Secure Firewall Management Center.\n\n- CVE-2025-20251\u00a0(CVSS: 8,5): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c VPN-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 VPN \u0432 Secure Firewall \u0438 Secure Firewall Threat Defense.\n\n- CVE-2025-20127\u00a0(CVSS: 7,7): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f TLS 1.3 \u0442\u0438\u043f\u0430 DoS \u0432 Secure Firewall \u0438 Secure Firewall \u0434\u043b\u044f Firepower \u0441\u0435\u0440\u0438\u0439 3100 \u0438 4200.\n\n- CVE-2025-20244\u00a0(CVSS: 7,7): DoS-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 VPN \u0441 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u044b\u043c \u0434\u043e\u0441\u0442\u0443\u043f\u043e\u043c \u0432 Secure Firewall Adaptive Security Appliance \u0438 Secure Firewall Threat Defense.\n\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0447\u0430\u0435\u0442 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a, \u043f\u043e\u043a\u0430 \u043d\u0438 \u043e\u0434\u043d\u0430 \u0438\u0437 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u043d\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u043b\u0430\u0441\u044c \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u044f\u0445, \u043d\u043e \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043e\u0441\u043e\u0431\u043e\u0435 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0435 \u043a\u0438\u0431\u0435\u0440\u043f\u043e\u0434\u043f\u043e\u043b\u044c\u044f \u043a \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u043c \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 - \u044d\u0442\u043e \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u043e\u0439\u0442\u0438.", "creation_timestamp": "2025-08-15T11:00:11.000000Z"}]}