The security deficit, which is set as CV-2025-20188, allows attackers to install arbitrary files on the device without authorizing, which can lead to remote code execution (RCE) and the system completely captured. The problem is related to the use of a fixed JWT (JSON web coin) coin, so the attacker can send HTTPS questions specifically created for the interface to install access points.
Horizon3, although they do not contain ready -made abuse, experienced computer pirates to create enough information to create the technical details of the technical details. Starting from 17.12.04, Cisco announced the security vulnerability by releasing patches for iOS XE versions. The vulnerability affects the device with the device with the out -of -band display download function that allows you to install IS images through HTTPS.
Since the risk of attack is high, users’ software updates are highly recommended. Cisco confirmed that iOS (not XE), iOS XR, Meraki, NX-Sos and Aireo and devices are not affected.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
