Cisco Releases Updates for Critical Security Vulnerabilities
/ 1 min read
🛡️♂️ Cisco addresses critical security vulnerabilities in Meeting Management and BroadWorks. Cisco has released software updates to fix a critical privilege escalation flaw (CVE-2025-20156) in its Meeting Management system, allowing remote attackers to gain administrator access. This vulnerability, with a CVSS score of 9.9, affects multiple versions of the product. Additionally, Cisco patched a denial-of-service vulnerability (CVE-2025-20165) in BroadWorks, which could be exploited through excessive SIP requests, and an integer underflow bug (CVE-2025-20128) in ClamAV. The company acknowledged the contributions of security researchers in identifying these issues. Meanwhile, U.S. cybersecurity agencies detailed exploit chains used by nation-state actors against Ivanti’s cloud services, highlighting the ongoing threat landscape.
