Tuesday, March 11, 2025

Cisco Warns of Meeting Management API Privilege Escalation Vulnerability


Cisco has issued a critical advisory regarding a privilege escalation vulnerability in its Meeting Management REST API.

The flaw, tracked as CVE-2025-20156, allows a remote, authenticated attacker with low privileges to elevate their access to administrator-level control on affected devices, posing a significant risk to affected systems.

Vulnerability Details

The vulnerability stems from improper authorization enforcement in the REST API.

By exploiting this security lapse, attackers can send specially crafted API requests to a specific endpoint, potentially gaining unauthorized administrative control over edge nodes managed by Cisco Meeting Management.

This vulnerability has been assigned a CVSS score of 9.9, indicating its criticality.
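The advisory describes the bug class, not the code, so the following is an added, constructed illustration (not Cisco's code and not derived from the advisory) of what "improper authorization enforcement" on a REST endpoint looks like next to the corrected form. The handler names, the `Session` model with its "viewer"/"admin" roles, and the in-memory node registry are all assumptions made for the example; the point is that authentication alone (the caller has a valid session) is not authorization (the caller is permitted to perform this particular privileged action), and that the role check must be enforced server-side on every privileged endpoint.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:
    """Constructed stand-in for an authenticated API session."""
    user: str
    role: str  # "viewer" or "admin" in this toy model


class Forbidden(Exception):
    """Raised when a request fails authentication or authorization."""


def make_registry():
    """Constructed sample state: managed edge nodes and their current administrator."""
    return {"node-1": {"admin": "alice"}, "node-2": {"admin": "alice"}}


def set_node_admin_unchecked(session, registry, node_id, new_admin):
    """Vulnerable pattern (hypothetical): the endpoint verifies that the caller
    is authenticated but never checks the caller's role, so any low-privileged
    session can perform an administrator-only change."""
    if session is None:
        raise Forbidden("authentication required")
    if node_id not in registry:
        raise KeyError(node_id)
    registry[node_id]["admin"] = new_admin
    return registry[node_id]["admin"]


def require_role(session, required):
    """Server-side authorization check: authentication first, then role."""
    if session is None:
        raise Forbidden("authentication required")
    if session.role != required:
        raise Forbidden(f"role {required!r} required, caller has {session.role!r}")


def set_node_admin(session, registry, node_id, new_admin):
    """Hardened pattern: the privileged endpoint enforces the admin role itself
    rather than trusting that only admins will ever reach it."""
    require_role(session, "admin")
    if node_id not in registry:
        raise KeyError(node_id)
    registry[node_id]["admin"] = new_admin
    return registry[node_id]["admin"]


def demo():
    """Run a low-privileged session against both handlers and report the outcome."""
    low = Session(user="bob", role="viewer")

    reg = make_registry()
    unchecked_result = set_node_admin_unchecked(low, reg, "node-1", "bob")

    reg = make_registry()
    try:
        set_node_admin(low, reg, "node-1", "bob")
        checked_result = "allowed"
    except Forbidden:
        checked_result = "denied"

    # (what the unchecked handler let through, what the hardened one did,
    #  and who still administers node-1 after the hardened attempt)
    return unchecked_result, checked_result, reg["node-1"]["admin"]


if __name__ == "__main__":
    print(demo())
```

The same `require_role` pattern belongs on every endpoint that changes privileged state; the failure mode the advisory describes is exactly a privileged endpoint that inherits only the authentication check.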


Cisco's security team has urged all customers to act immediately to prevent potential exploitation. The advisory is published under the ID cisco-sa-cmm-privesc-uy2Vf8pc.

Affected Products

The vulnerability affects all versions of Cisco Meeting Management earlier than version 3.9.1. The breakdown of affected versions is as follows:

  • Cisco Meeting Management 3.8 and earlier: Vulnerable. Users should migrate to a fixed release.
  • Cisco Meeting Management 3.9: Vulnerable, but fixed in version 3.9.1.
  • Cisco Meeting Management 3.10: Not affected.
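As an added triage helper (not part of the article or the advisory), the function below applies the version table above to an inventory of version strings. It compares versions as integer tuples rather than as strings, so that 3.10 correctly sorts after 3.9 and a two-part version such as "3.8" is treated as 3.8.0. The sample inventory is constructed.

```python
# Fixed release named in the advisory: everything earlier is affected.
FIXED_RELEASE = (3, 9, 1)


def parse_version(text):
    """Turn '3.9.1' or '3.8' into a comparable integer tuple, padded to three parts."""
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised version string: {text!r}")
    nums = tuple(int(p) for p in parts)
    return nums + (0,) * (3 - len(nums)) if len(nums) < 3 else nums


def assess(version_text):
    """Return (affected, action) for one Cisco Meeting Management version string."""
    version = parse_version(version_text)
    if version < FIXED_RELEASE:
        return True, "upgrade to 3.9.1 or a later fixed release"
    return False, "no action required for this advisory"


def triage(inventory):
    """Map hostname -> (affected, action) for a constructed {host: version} inventory."""
    return {host: assess(ver) for host, ver in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    sample = {"cmm-a": "3.8", "cmm-b": "3.9", "cmm-c": "3.9.1", "cmm-d": "3.10"}
    for host, (affected, action) in triage(sample).items():
        print(f"{host}: {'AFFECTED' if affected else 'ok'} - {action}")
```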

Cisco has clarified that only products explicitly listed in the advisory are affected.

The advisory confirmed that no workarounds are available to mitigate this vulnerability. Customers are advised to upgrade to the fixed software as the sole remediation.

Cisco has released free security updates for eligible customers to address the vulnerability. Users with valid service contracts or licenses can obtain the fixed software through their usual update channels.

Fixed releases include version 3.9.1 for affected Cisco Meeting Management installations. Customers should verify hardware and software compatibility before performing upgrades to ensure the safety and stability of their systems.

The Cisco Product Security Incident Response Team (PSIRT) has not observed any public exploitation or malicious use of this vulnerability. Nonetheless, users are strongly encouraged to act preemptively to secure their systems.

Cisco advises all impacted customers to perform the required updates promptly. Those without service contracts or unable to access updates through regular channels can contact the Cisco Technical Assistance Center (TAC) for assistance.

This critical vulnerability underscores the importance of staying vigilant and applying updates promptly to mitigate security risks.
