1. 主页
  2. 保安警报
  3. 保安警报 (A25-05-06)

保安警报 (A25-05-06): Cisco 产品多个漏洞


 

发布日期: 2025年 5月 9日

  
  

描述:

Cisco 发布了安全公告,以应对 Cisco 装置及软件的多个漏洞。有关漏洞及攻击向量的资料,请参阅供应商网站的相应安全公告。

 

受影响的系统:

  • Cisco 800、1000、1100、4000 Series Integrated Services Routers
  • Cisco ASA Software
  • Cisco ASR 903 Aggregation Services Routers with RSP3C
  • Cisco Catalyst 1000、2960-L、2960CX、2960X、2960XR、3560CX Series Switches
  • Cisco Catalyst 8200、8300、8500、8500L Series Edge Platforms
  • Cisco Catalyst 9100 Family of Access Points
  • Cisco Catalyst 9800-CL Wireless Controllers for Cloud
  • Cisco Catalyst 9800 Series Wireless Controllers
  • Cisco Catalyst 9800 Embedded Wireless Controllers for Catalyst 9300、9400 及 9500 Series Switches
  • Cisco Embedded Wireless Controller on Catalyst APs
  • Cisco FTD Software
  • Cisco IC3000 Industrial Compute Gateways
  • Cisco IE 2000、4000、4010、5000 Series
  • Cisco IOS Software
  • Cisco IOS XE Software
  • Cisco IOS XE Software for WLCs
  • Cisco WLC AireOS Software

有关受影响产品的详细资料,请参阅供应商网站的相应安全公告中有关 “Affected Products” 的部分。

 

影响:

成功利用漏洞可以导致受影响的系统发生远端执行程式码、服务被拒绝、权限提升、泄漏资讯、绕过保安限制或篡改,视乎攻击者利用哪些漏洞而定。

 

建议:

现已有适用于受影响系统的软件更新。受影响系统的系统管理员应遵从产品供应商的建议,立即採取行动以降低风险。有关修补程式的详细资料,请参阅供应商网站的相应安全公告中有关 “Fixed Software” 的部分。

系统管理员可联络其产品支援供应商,以取得修补程式及有关支援。

 

进一步资讯:

  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bootstrap-KfgxYgdh
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catalyst-tls-PqnD5KEJ
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-insec-acc-mtt8EhEb
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-user-del-hQxMpUDj
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-95Fqnf7b
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsgacl-pg6qfZk
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-netconf-nacm-bypass-TGZV9pmQ
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanarbfile-2zKhKZwJ
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-bypass-HHUVujdn
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpv3-qKEYvzsy
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-html-inj-GxVtK6zj
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-xss-xhN8M5jt
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-multi-ARNHM4v6
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr903-rsp3-arp-dos-WmfzdvJZ
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c2960-3560-sboot-ZtqADrHq
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-api-nBPZcJCM
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-cdp-dos-fpeks9K
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-http-privesc-wCRd5e3
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcpsn-dos-xBn8Mtks
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ikev1-dos-XHk3HzFC
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multiprod-ikev2-dos-gPctUqv2
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-priviesc-WCk7bmmt
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sisf-dos-ZGwt4DdY
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-twamp-kV4FHugn
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdinj-gVn3OKNC
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-p6Gvt6HL
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-fileoverwrite-Uc9tXWH
  • https://www.hkcert.org/tc/security-bulletin/cisco-products-multiple-vulnerabilities_20250509
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20122
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20137
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20140
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20147
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20151
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20154 (to CVE-2025-20155)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20157
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20162
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20164
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20181 (to CVE-2025-20182)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20186 (to CVE-2025-20196)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20202
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20210
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20213 (to CVE-2025-20214)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20216
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20221
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20223


标签 : Cisco , Cisco ISR , Cisco ASA , ASR , Cisco Catalyst Switches , Cisco Catalyst AP , Cisco Embedded Wireless Controller , Cisco FTD , Cisco Industrial Compute Gateways , Cisco IOS , Cisco WLC
标签