1. 主頁
  2. 保安警報
  3. 保安警報 (A25-05-06)

保安警報 (A25-05-06): Cisco 產品多個漏洞


 

發布日期: 2025年 5月 9日

  
  

描述:

Cisco 發布了安全公告,以應對 Cisco 裝置及軟件的多個漏洞。有關漏洞及攻擊向量的資料,請參閱供應商網站的相應安全公告。

 

受影響的系統:

  • Cisco 800、1000、1100、4000 Series Integrated Services Routers
  • Cisco ASA Software
  • Cisco ASR 903 Aggregation Services Routers with RSP3C
  • Cisco Catalyst 1000、2960-L、2960CX、2960X、2960XR、3560CX Series Switches
  • Cisco Catalyst 8200、8300、8500、8500L Series Edge Platforms
  • Cisco Catalyst 9100 Family of Access Points
  • Cisco Catalyst 9800-CL Wireless Controllers for Cloud
  • Cisco Catalyst 9800 Series Wireless Controllers
  • Cisco Catalyst 9800 Embedded Wireless Controllers for Catalyst 9300、9400 及 9500 Series Switches
  • Cisco Embedded Wireless Controller on Catalyst APs
  • Cisco FTD Software
  • Cisco IC3000 Industrial Compute Gateways
  • Cisco IE 2000、4000、4010、5000 Series
  • Cisco IOS Software
  • Cisco IOS XE Software
  • Cisco IOS XE Software for WLCs
  • Cisco WLC AireOS Software

有關受影響產品的詳細資料,請參閱供應商網站的相應安全公告中有關 “Affected Products” 的部分。

 

影響:

成功利用漏洞可以導致受影響的系統發生遠端執行程式碼、服務被拒絕、權限提升、泄漏資訊、繞過保安限制或篡改,視乎攻擊者利用哪些漏洞而定。

 

建議:

現已有適用於受影響系統的軟件更新。受影響系統的系統管理員應遵從產品供應商的建議,立即採取行動以降低風險。有關修補程式的詳細資料,請參閱供應商網站的相應安全公告中有關 “Fixed Software” 的部分。

系統管理員可聯絡其產品支援供應商,以取得修補程式及有關支援。

 

進一步資訊:

  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bootstrap-KfgxYgdh
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catalyst-tls-PqnD5KEJ
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-catc-insec-acc-mtt8EhEb
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-user-del-hQxMpUDj
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-dos-95Fqnf7b
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsgacl-pg6qfZk
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-netconf-nacm-bypass-TGZV9pmQ
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwanarbfile-2zKhKZwJ
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmp-bypass-HHUVujdn
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snmpv3-qKEYvzsy
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-html-inj-GxVtK6zj
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-xss-xhN8M5jt
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-multi-ARNHM4v6
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asr903-rsp3-arp-dos-WmfzdvJZ
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c2960-3560-sboot-ZtqADrHq
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-api-nBPZcJCM
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ewlc-cdp-dos-fpeks9K
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-http-privesc-wCRd5e3
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcpsn-dos-xBn8Mtks
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ikev1-dos-XHk3HzFC
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multiprod-ikev2-dos-gPctUqv2
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-priviesc-WCk7bmmt
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sisf-dos-ZGwt4DdY
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-twamp-kV4FHugn
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webui-cmdinj-gVn3OKNC
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-p6Gvt6HL
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-file-uplpd-rHZG9UfC
  • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-fileoverwrite-Uc9tXWH
  • https://www.hkcert.org/tc/security-bulletin/cisco-products-multiple-vulnerabilities_20250509
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20122
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20137
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20140
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20147
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20151
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20154 (to CVE-2025-20155)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20157
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20162
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20164
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20181 (to CVE-2025-20182)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20186 (to CVE-2025-20196)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20202
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20210
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20213 (to CVE-2025-20214)
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20216
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20221
  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-20223


標籤 : Cisco , Cisco ISR , Cisco ASA , ASR , Cisco Catalyst Switches , Cisco Catalyst AP , Cisco Embedded Wireless Controller , Cisco FTD , Cisco Industrial Compute Gateways , Cisco IOS , Cisco WLC
標籤