CVE-2026-20045 is a Cisco Unified Communications Products code injection vulnerability affecting Cisco Unified Communications Manager and listed by CISA in the Known Exploited Vulnerabilities (KEV) catalog. Because it is already in KEV, this should be treated as a high-priority remediation item. The supplied corpus does not include CVSS data or deeper technical detail, so the safest response is to invento [truncated]
CVE-2025-20362 is a Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) missing authorization vulnerability. CISA added it to the Known Exploited Vulnerabilities catalog on 2025-09-25, which indicates known exploitation and makes it an urgent remediation item. For U.S. federal agencies, the KEV due date is 2025-09-26, tied to Emergency Directive 25-03 and the a [truncated]
CVE-2025-20333 affects Cisco Secure Firewall Adaptive Security Appliance (ASA) and Secure Firewall Threat Defense (FTD) and is described by CISA as a buffer overflow vulnerability. CISA added the issue to its Known Exploited Vulnerabilities catalog on 2025-09-25 and set a due date of 2025-09-26 for federal agencies to begin following the required mitigation guidance. Because the vulnerability is in KEV, d [truncated]
CVE-2025-20337 is a Cisco Identity Services Engine injection vulnerability that CISA added to its Known Exploited Vulnerabilities catalog on 2025-07-28. The public record in this corpus does not include a CVSS score or deeper technical exploitation detail, so the strongest defensive signal is its KEV status and the required remediation deadline of 2025-08-18.
CVE-2025-20281 is a Cisco Identity Services Engine injection vulnerability that CISA added to the Known Exploited Vulnerabilities catalog on 2025-07-28. Because it is a KEV-listed issue, affected Cisco ISE deployments should be treated as urgent remediation targets. The supplied corpus does not include a CVSS score or detailed impact analysis, so defensive action should be driven by Cisco guidance and exp [truncated]
