Tag: cisco
-
Threat Actors Exploit GitHub Accounts to Host Payloads, Tools, and Amadey Malware Plugins
Cisco Talos researchers identified a sophisticated Malware-as-a-Service (MaaS) operation in April 2025 that employed the Amadey botnet to distribute various payloads. This operation exploited fake GitHub accounts as open directories for hosting malicious payloads, tools, and Amadey plugins, aiming to evade web filtering mechanisms and simplify distribution. By leveraging GitHub’s legitimate domain, threat actors could…
-
New Cisco Bugs Rated CVSS 10.0, Patch Immediately
Cisco has issued a new security advisory warning of newly discovered vulnerabilities in its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC), revealing serious security flaws that could allow remote, unauthenticated attackers to execute arbitrary code on targeted systems with root privileges. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisco-cve-2025-20337-and-ise-pic-flaws/
-
Cisco Discloses ‘10’ Flaw in ISE, ISE-PIC, Patch Now
Cisco just disclosed a critical severity flaw in its ISE and ISE-PIC products, joining two similar bugs disclosed last month. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/cisco-cvss-10-flaw-ise-ise-pic-patch-now
-
Watch out, another max-severity, make-me-root Cisco bug on the loose
Tags: cisco
Three perfect 10s in the last month – ISE, ISE, baby First seen on theregister.com Jump to article: www.theregister.com/2025/07/17/critical_cisco_bug/
-
Hackers Use GitHub Repositories to Host Amadey Malware and Data Stealers, Bypassing Filters
Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. “The MaaS [malware-as-a-service] operators used fake GitHub accounts to host payloads, tools, and Amadey plug-ins, likely as an attempt to bypass web filtering and for ease of use,” Cisco Talos researchers…
-
Max severity Cisco ISE bug allows pre-auth command execution, patch now
A critical vulnerability (CVE-2025-20337) in Cisco’s Identity Services Engine (ISE) could be exploited to let an unauthenticated attacker store malicious files, execute arbitrary code, or gain root privileges on vulnerable devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/max-severity-cisco-ise-bug-allows-pre-auth-command-execution-patch-now/
-
Cisco patches critical CVE-2025-20337 bug in Identity Services Engine with CVSS 10 Severity
Cisco warns of CVE-2025-20337, a critical ISE flaw (CVSS 10) allowing remote code execution with root privileges. Cisco addressed a critical vulnerability, tracked as CVE-2025-20337 (CVSS score of 10), in Identity Services Engine (ISE) and Cisco Identity Services Engine Passive Identity Connector (ISE-PIC). An attacker could trigger the vulnerability to execute arbitrary code on the…
-
MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities
Cisco Talos uncovered a stealthy Malware-as-a-Service (MaaS) operation that used fake GitHub accounts to distribute a variety of dangerous payloads and evade security defenses. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/maas-operation-using-emmenhtal-and-amadey-linked-to-threats-against-ukrainian-entities/
-
Cisco Unified Intelligence Center Flaw Lets Remote Attackers Upload Arbitrary Files
A critical security vulnerability has been discovered in Cisco’s Unified Intelligence Center that allows authenticated remote attackers to upload arbitrary files to affected systems, potentially enabling complete system compromise. The flaw, tracked as CVE-2025-20274, carries a CVSS score of 6.3 and has been assigned a High security impact rating by Cisco due to the potential…
-
Cisco Warns of Critical ISE Flaw Allowing Unauthenticated Attackers to Execute Root Code
Cisco has disclosed a new maximum-severity security vulnerability impacting Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) that could permit an attacker to execute arbitrary code on the underlying operating system with elevated privileges. Tracked as CVE-2025-20337, the shortcoming carries a CVSS score of 10.0 and is similar to CVE-2025-20281, which was patched…
-
Cisco Connect München – AI Needs Strong Networks
First seen on security-insider.de Jump to article: www.security-insider.de/ki-braucht-starke-netze-a-b4a7778e77373d754a829357324ca36e/
-
Asus and Adobe vulnerabilities
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed two vulnerabilities each in Asus Armoury Crate and Adobe Acrobat products. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/asus-and-adobe-vulnerabilities/
-
Patch Available for Unified CM – Cisco Can't Shake Off Hard-Coded Admin Credentials
First seen on security-insider.de Jump to article: www.security-insider.de/cisco-backdoor-ermoeglicht-root-zugang-a-d69914eb428eecf2c705a339be3e2b41/
-
Boxxe bolsters position with CAE buy
Channel consolidation continues with Cisco and Microsoft partner snapped up in the latest deal First seen on computerweekly.com Jump to article: www.computerweekly.com/microscope/news/366627099/boxxe-bolsters-position-with-CAE-buy
-
Critical Vulnerability Discovered in Cisco Unified CM
Tags: bug, cisco, communications, cyberattack, exploit, infrastructure, rce, remote-code-execution, risk, vulnerability
For the second time in a week, Cisco has had to report a vulnerability of the highest severity. Cisco recently reported a vulnerability with the highest severity rating (CVSS 10 out of 10) in its products Unified Communications Manager (Unified CM) and Session Management Edition (Unified CM SME). The affected solutions are core components of telecommunications infrastructure and are used in government agencies, financial institutions and large…
-
Cisco Live San Diego & Cisco Connect München – How Cisco Wants to Rethink Networks
Tags: cisco
First seen on security-insider.de Jump to article: www.security-insider.de/wie-cisco-netzwerke-neu-denken-will-a-243ba905981f7e2d2a0ac4406091fff3/
-
Cisco Issues Emergency Fix for Critical Root Credential Flaw in Unified CM
Cisco fixes critical root credential vulnerability in Unified CM rated CVSS 10 urging users to patch now to stop remote admin takeovers. First seen on hackread.com Jump to article: hackread.com/cisco-emergency-fix-critical-root-credential-flaw-unified-cm/
-
Static Credentials Flaw Patched in Cisco Systems
Flaw Exposes Remote Privilege Escalation Risk. Cisco released urgent security updates to fix a critical vulnerability in Unified Communications Manager that could allow unauthenticated attackers to gain root access to affected systems. The maximum-severity vulnerability allows unauthenticated remote attackers to log in using static credentials. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/static-credentials-flaw-patched-in-cisco-systems-a-28899
-
Cisco patches critical 10.0 bug in Unified CM systems
Tags: cisco
First seen on scworld.com Jump to article: www.scworld.com/news/cisco-patches-critical-10-0-bug-in-unified-cm-systems
-
Maximum severity Cisco Unified CM vulnerability resolved
First seen on scworld.com Jump to article: www.scworld.com/brief/maximum-severity-cisco-unified-cm-vulnerability-resolved
-
Hardcoded root credentials in Cisco Unified CM trigger max-severity alert
Cisco shares tricks to spot exploitation: Cisco said in the advisory that it hasn’t observed any exploitation in the wild, but it has provided a method for customers to detect compromises. Successful logins via the root account would leave traces in system logs located at ‘/var/log/active/syslog/secure’, it said. The advisory even included an example log snippet…
-
Cisco fixes maximum-severity flaw in enterprise unified comms platform (CVE-2025-20309)
Cisco has found a backdoor account in yet another of its software solutions: CVE-2025-20309, stemming from default credentials for the root account, could allow … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/03/cisco-fixes-maximum-severity-flaw-in-enterprise-unified-comms-platform-cve-2025-20309/
-
Backdoor in Unified CM: Hard-Coded Admin Credentials Discovered in Cisco Tool
According to Cisco, the credentials cannot be removed manually, only via a patch. Attackers can log in as root over SSH. First seen on golem.de Jump to article: www.golem.de/news/backdoor-in-unified-cm-fest-kodierte-admin-zugangsdaten-in-cisco-tool-entdeckt-2507-197709.html
-
Cisco Unified CM Vulnerability Lets Remote Attacker Gain Root Access
A newly disclosed, critical vulnerability in Cisco Unified Communications Manager (Unified CM) and Unified CM Session Management Edition (SME) has exposed organizations to the risk of full system compromise. Tracked as CVE-2025-20309 and assigned a maximum CVSS score of 10.0, the flaw allows unauthenticated remote attackers to gain root access using static, hardcoded SSH credentials that were inadvertently left in…
-
Cisco Issues Urgent Patch for Critical Unified CM Vulnerability (CVE-2025-20309)
Cisco has issued a new security advisory addressing a severe vulnerability in its Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME). The flaw, now identified as CVE-2025-20309, carries the highest possible CVSS score of 10.0. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cisco-patches-cve-2025-20309-vulnerability/
-
Critical Cisco Vulnerability in Unified CM Grants Root Access via Static Credentials
Cisco has released security updates to address a maximum-severity security flaw in Unified Communications Manager (Unified CM) and Unified Communications Manager Session Management Edition (Unified CM SME) that could permit an attacker to log in to a susceptible device as the root user, allowing them to gain elevated privileges. The vulnerability, tracked as CVE-2025-20309, carries a CVSS…
-
Maximum CVSS Score – Warning About Extremely Critical Cisco Vulnerabilities
First seen on security-insider.de Jump to article: www.security-insider.de/kritische-schwachstellen-cisco-ise-ise-pic-sicherheitsupdates-a-caa17fe2e6d25482d8c1eb5b8e84da99/
-
Cisco scores a perfect 10 – sadly for a critical flaw in its comms platform
The second max score this week for Netzilla – not a good look First seen on theregister.com Jump to article: www.theregister.com/2025/07/02/cisco_patch_cvss/
-
Cisco removed the backdoor account from its Unified Communications Manager
Digital communications technology giant Cisco addressed a static SSH credentials vulnerability in its Unified Communications Manager (Unified CM). A flaw, tracked as CVE-2025-20309 (CVSS score of 10), in Cisco Unified Communications Manager and its Session Management Edition lets remote attackers log in using hardcoded root credentials set during development. Cisco Unified Communications Manager (CUCM) is a call…
-
Cisco warns that Unified CM has hardcoded root SSH credentials
Cisco has removed a backdoor account from its Unified Communications Manager (Unified CM), which would have allowed remote attackers to log in to unpatched devices with root privileges. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-removes-unified-cm-callManager-backdoor-root-account/

