CVE-2025-20156 — Vulnetix

CVE-2025-20156 PUBLISHED

Es existiert eine Schwachstelle in Cisco Meeting Management. Sie besteht in einer unsicheren Handhabung von Benutzerrechten, die es einem Angreifer ermöglichen kann, seine Berechtigungen zu erhöhen. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um Administratorrechte zur Kontrolle der verwalteten Edge-Nodes zu erlangen.

EPSS 1.48% · 81.3th percentile

Risk Scores

EPSS Score

1.48%

81.3th percentile

Affected Products

Vendor	Product	Versions
cisco	Cisco Meeting Management <3.9.1

Timeline

Oct 10, 2024 CVE ID Reserved
Jan 22, 2025 PoC Published
Jan 22, 2025 CVE Published
Jan 22, 2025 PoC Published
Jan 22, 2025 PoC Published
Jan 22, 2025 PoC Published
Jan 22, 2025 PoC Published
Jan 23, 2025 EPSS Score
Jan 23, 2025 PoC Published
Jan 23, 2025 PoC Published
Jan 23, 2025 PoC Published
Jan 23, 2025 PoC Published

References

https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0176.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0176 advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cmm-privesc-uy2Vf8pc advisory

Open in Interactive Console →