Cisco Security Vulnerabilities (CVEs)
Track 564 security vulnerabilities affecting Cisco products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
An unauthenticated remote attacker can cause denial of service on Cisco Catalyst Access Points by sending crafted traffic that exhausts buffer resourc...
Sep 23, 2021This vulnerability allows unauthenticated remote attackers to cause a denial of service by sending malformed Ethernet over GRE packets to affected Cis...
Sep 23, 2021This vulnerability allows unauthenticated remote attackers to crash Cisco Catalyst 9000 wireless controllers by sending malformed CAPWAP protocol pack...
Sep 23, 2021This vulnerability in Cisco Access Points allows authenticated local users to modify files and potentially gain root privileges through improper file ...
Sep 23, 2021This vulnerability allows authenticated local attackers with low-privileged accounts to elevate their privileges on Cisco IOS XR devices. Attackers ca...
Sep 9, 2021This vulnerability allows authenticated local users with low privileges to execute arbitrary commands with elevated privileges on Cisco IOS XR devices...
Sep 9, 2021An unauthenticated attacker on the same network segment can send specially crafted Ethernet frames to Cisco ASR 9000 routers running vulnerable IOS XR...
Sep 9, 2021This critical authentication bypass vulnerability in Cisco NFVIS allows unauthenticated remote attackers to gain administrator access by injecting par...
Sep 2, 2021An unauthenticated remote attacker can send malicious MPLS echo packets to cause a denial of service on vulnerable Cisco NX-OS devices. This vulnerabi...
Aug 25, 2021This vulnerability allows unauthenticated remote attackers to cause denial of service by sending crafted TCP traffic to specific ports on Cisco Nexus ...
Aug 25, 2021This vulnerability allows authenticated remote attackers with Administrator read-only credentials to elevate privileges to Administrator with write pr...
Aug 25, 2021This vulnerability allows unauthenticated remote attackers to read or write arbitrary files on Cisco APIC and Cloud APIC systems due to improper acces...
Aug 25, 2021This vulnerability allows unauthenticated remote attackers to execute arbitrary commands or code on affected Cisco Small Business VPN routers through ...
Aug 4, 2021This vulnerability allows unauthenticated remote attackers to execute arbitrary commands with root privileges on affected Cisco Small Business VPN rou...
Aug 4, 2021CVE-2021-1572 is a privilege escalation vulnerability in Cisco ConfD software that allows authenticated local attackers to execute arbitrary commands ...
Aug 4, 2021CVE-2021-1600 allows unauthenticated attackers on the same network segment to bypass firewall restrictions on Cisco Intersight Virtual Appliance's ext...
Jul 22, 2021A logic error in Cisco ASA and FTD software cryptography modules allows authenticated remote attackers or unauthenticated man-in-the-middle attackers ...
Jul 16, 2021This vulnerability allows authenticated remote attackers to elevate privileges to Administrator in Cisco Business Process Automation (BPA) web managem...
Jul 8, 2021This vulnerability allows authenticated remote attackers to elevate privileges to Administrator in Cisco Business Process Automation (BPA) web managem...
Jul 8, 2021This vulnerability allows unauthenticated remote attackers to intercept and modify sensitive network client data by exploiting improper X.509 certific...
Jun 29, 2021This CVE describes multiple vulnerabilities in Cisco Small Business 220 Series Smart Switches web management interface that could allow attackers to h...
Jun 16, 2021This vulnerability allows an authenticated local attacker to perform DLL hijacking through a race condition in Cisco AnyConnect's signature verificati...
Jun 16, 2021Multiple vulnerabilities in Cisco Small Business 220 Series Smart Switches web management interface allow attackers to hijack user sessions, execute a...
Jun 16, 2021Multiple vulnerabilities in Cisco Small Business 220 Series Smart Switches web management interface allow attackers to hijack user sessions, execute a...
Jun 16, 2021This vulnerability allows authenticated remote attackers to bypass authorization controls on Cisco ASR 5000 Series devices running StarOS software. At...
Jun 4, 2021This vulnerability in Cisco SD-WAN Software allows authenticated local attackers to escalate privileges to root by exploiting improper access restrict...
Jun 4, 2021CVE-2021-1526 is a remote code execution vulnerability in Cisco Webex Player for Windows and macOS. Attackers can exploit it by tricking users into op...
Jun 4, 2021This vulnerability allows remote code execution through malicious Webex recording files (ARF/WRF formats). An attacker can send a malicious file via e...
Jun 4, 2021This vulnerability allows authenticated remote attackers to execute arbitrary commands on Cisco Prime Infrastructure and EPN Manager systems via craft...
May 22, 2021This vulnerability in Cisco SD-WAN Software allows unauthenticated remote attackers to cause affected devices to reload by sending malformed packets, ...
May 6, 2021This vulnerability in Cisco SD-WAN vEdge Software allows attackers to execute arbitrary code as root or cause denial of service through buffer overflo...
May 6, 2021Multiple vulnerabilities in Cisco SD-WAN vManage Software allow unauthenticated remote attackers to execute arbitrary code or access sensitive informa...
May 6, 2021CVE-2021-1505 is a critical vulnerability in Cisco SD-WAN vManage software that allows unauthenticated remote attackers to execute arbitrary code or a...
May 6, 2021This vulnerability allows unauthenticated remote attackers to execute arbitrary commands on Cisco HyperFlex HX systems via the web-based management in...
May 6, 2021This vulnerability allows authenticated local attackers on Windows systems with Cisco AnyConnect Secure Mobility Client to hijack DLL or executable fi...
May 6, 2021Multiple vulnerabilities in Cisco SD-WAN vManage Software allow unauthenticated remote attackers to execute arbitrary code or access sensitive informa...
May 6, 2021This vulnerability allows authenticated local attackers on Windows systems with Cisco AnyConnect Secure Mobility Client to hijack DLL or executable fi...
May 6, 2021This vulnerability in Cisco AnyConnect Secure Mobility Client for Windows allows authenticated local attackers to hijack DLL or executable files durin...
May 6, 2021CVE-2021-1421 is a command injection vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) that allows authenticated local attackers t...
May 6, 2021This vulnerability in Cisco Small Business Wireless Access Points allows authenticated remote attackers to access sensitive information or execute arb...
May 6, 2021This vulnerability allows authenticated remote attackers to perform SQL injection attacks on Cisco Unified Communications Manager IM & Presence Servic...
May 6, 2021This vulnerability allows an unauthenticated attacker with network access to adjacent Cisco SD-WAN vEdge devices to bypass authentication and authoriz...
May 6, 2021This vulnerability allows unauthenticated remote attackers to cause a denial of service by sending crafted SIP traffic through affected Cisco ASA and ...
Apr 29, 2021This vulnerability allows authenticated remote attackers to trigger a buffer overflow in Cisco ASA and FTD software web services interface by sending ...
Apr 29, 2021This vulnerability allows authenticated local attackers on Cisco Firepower Threat Defense devices running in multi-instance mode to execute arbitrary ...
Apr 29, 2021An unauthenticated remote attacker can send crafted SSL/TLS messages through Cisco Firepower Threat Defense devices performing software-based SSL decr...
Apr 29, 2021CVE-2021-1479 allows unauthenticated remote attackers to execute arbitrary code on Cisco SD-WAN vManage software, or authenticated local attackers to ...
Apr 8, 2021This critical vulnerability allows unauthenticated remote attackers to execute arbitrary code as root on affected Cisco Small Business routers via cra...
Apr 8, 2021This vulnerability allows authenticated local attackers to perform DLL hijacking attacks on affected Cisco security products for Windows. Attackers ca...
Apr 8, 2021This vulnerability allows authenticated remote attackers to execute arbitrary code with root privileges on Cisco Unified Communications products via a...
Apr 8, 2021Why Monitor Cisco Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 564+ known vulnerabilities affecting Cisco products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable Cisco packages in under 60 seconds. No agents required - completely agentless scanning that works across Cisco deployments.
Free vulnerability database: Access detailed information about every Cisco CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new Cisco CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
