Cisco security updates: Attackers can trigger alarms

Important updates close several vulnerabilities in Cisco Networks Analytics Manager and Webex Meetings Services, among others.


Network equipment supplier Cisco protects several products against possible attacks. In the worst case, attackers can access systems as root users. However, this is not possible without meeting additional prerequisites. Security patches are available for download.

Admins can find information on the secure versions in the articles linked below this message. So far, there have been no reports of ongoing attacks. Because Cisco hardware is used in central locations in companies, admins should not delay patching for too long.

Because the RADIUS implementation in Identity Services Engine is flawed, attackers can exploit this vulnerability (CVE-2025-20152, “high”) for a DoS attack. This is supposed to work remotely and without authentication. Attacks are initiated via crafted RADIUS requests and end in reboots.

A vulnerability (CVE-2025-20113, “high”) in Unified Intelligence Center can allow attackers to gain higher user rights. In Secure Network Analytics Manager, attackers can even gain root rights (CVE-2025-20256, “medium”). However, they must already be an admin to do so. Attackers can also trigger alarms in this product (CVE-2025-20257, “medium”).

Attackers can also manipulate data in Unified Contact Center Enterprise (CVE-2025-20242, “medium”).


At the beginning of May, Cisco patched various products against root and DoS attacks.

List sorted by threat level in descending order:

(des)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.