Summary: Cisco has released patches for three vulnerabilities, including a critical flaw in Meeting Management that allows remote attackers to gain administrator privileges. Additionally, a high-severity bug in Cisco BroadWorks could lead to denial-of-service conditions, while a medium-severity issue in ClamAV could crash the scanning process. Users are urged to update their systems to mitigate these risks.
Threat Actor: Unknown | unknown
Victim: Cisco | Cisco
Keypoints :
- Critical vulnerability CVE-2025-20156 allows remote attackers to elevate privileges in Meeting Management.
- High-severity bug CVE-2025-20165 in BroadWorks can cause denial-of-service conditions through unhandled SIP requests.
- Medium-severity flaw CVE-2025-20128 in ClamAV can crash the scanning process, but overall system stability remains unaffected.
Source: https://www.securityweek.com/cisco-patches-critical-vulnerability-in-meeting-management/