Ars Technica

Vulnerability in Cisco Smart Software Manager lets attackers change any user password

Cisco on Wednesday disclosed a maximum-security vulnerability that allows remote threat actors with no authentication to change the password of any user, including those of administrators with ...
SecurityWeek

Cisco Patches Zero-Day Flaw Affecting Routers and Switches

Cisco announced patches for 14 vulnerabilities in IOS and IOS XE, including a bug that has been exploited in the wild.

CISA instructs federal agencies to patch zero-day flaws in Cisco firewall devices

CISA officials issued the directive on Thursday. The zero-day vulnerabilities in question, CVE-2025-20362 and CVE-2025-20333, ...
SecurityWeek

Cisco Firewall Zero-Days Exploited in China-Linked ArcaneDoor Attacks

Cisco released emergency patches for two firewall vulnerabilities exploited as zero-days in the ArcaneDoor espionage campaign ...
The Hacker News

Urgent: Cisco ASA Zero-Day Duo Under Attack; CISA Triggers Emergency Mitigation Directive

In a separate alert, CISA said it's issuing an emergency directive urging federal agencies to identify, analyze, and mitigate ...
Bleeping Computer

Cisco Botches Fix for RV320, RV325 Routers, Just Blocks 'curl' User Agent

Cisco's RV320 and RV325 router models for small offices and small businesses remain vulnerable to two high-severity flaws two months after the vendor announced the availability of patches. The fixes ...