Cisco Systems has confirmed that a sophisticated voice phishing (vishing) attack led to the theft of basic profile information for a subset of users on its Cisco.com platform.
The company immediately contained the breach and launched an investigation, determining that only non-sensitive account metadata...
The Cybersecurity and Infrastructure Security Agency (CISA) has added two critical Cisco Identity Services Engine vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, warning that threat actors are actively exploiting these vulnerabilities in real-world attacks.
The vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20337, affect Cisco...
A critical vulnerabilities in Cisco Identity Services Engine (ISE), demonstrating how attackers can achieve complete system compromise with root access.
The vulnerabilities, tracked as CVE-2025-20281 and CVE-2025-20337, affect the pre-authentication phase and allow remote code execution without requiring valid credentials.
The vulnerability was initially reported...
Cisco disclosed a critical weakness within the web-based management interface of its Unified Intelligence Center (CUIC) that can be exploited by authenticated remote attackers to upload arbitrary files.
Tracked as CVE-2025-20274 and carrying a CVSS base score of 6.3, the flaw stems from insufficient...
Cisco Systems has disclosed a critical vulnerability in its Unified Communications Manager (Unified CM) platform that could allow unauthenticated remote attackers to gain root access to affected systems.
The security vulnerability, tracked as CVE-2025-20309 and assigned a maximum CVSS score of 10.0, represents one...