Cisco (2)

Cisco warns of denial of service flaw with PoC exploit code

Share:

Cisco has released security updates to patch a ClamAV denial-of-service (DoS) vulnerability, which has proof-of-concept (PoC) exploit code.

Tracked as CVE-2025-20128, the vulnerability is caused by a heap-based buffer overflow weakness in the Object Linking and Embedding 2 (OLE2) decryption routine, allowing unauthenticated, remote attackers to trigger a DoS condition on vulnerable devices.

If this vulnerability is successfully exploited, it could cause the ClamAV antivirus scanning process to crash, preventing or delaying further scanning operations.

“An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device,” Cisco explained. “A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.”

However, in an advisory issued today, the company noted that overall system stability would not be affected even after successful attacks.

The vulnerable products list includes the Secure Endpoint Connector software for Linux, Mac, and Windows-based platforms. This solution helps ingest Cisco Secure Endpoint audit logs and events into security information and event management (SIEM) systems like Microsoft Sentinel.

PoC exploit available, no active exploitation

While the Cisco Product Security Incident Response Team (PSIRT) said it has no evidence of in-the-wild exploitation, it added that CVE-2025-20128 exploit code is already available.

“The Cisco PSIRT is aware that proof-of-concept exploit code is available for the vulnerabilities that are described in this advisory,” Cisco PSIRT stated.

Today, the company also patched a Cisco BroadWorks DoS security flaw (CVE-2025-20165) and a critical severity privilege escalation vulnerability (CVE-2025-20156) in the Cisco Meeting Management REST API that lets hackers gain admin privileges on unpatched devices.

In October, it fixed another DoS security bug (CVE-2024-20481) in its Cisco ASA and Firepower Threat Defense (FTD) software, discovered during large-scale brute-force attacks against Cisco Secure Firewall VPN devices in April 2024.

One month later, it addressed a maximum severity vulnerability (CVE-2024-20418) that allows attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) industrial access points.

Source

Leave a Comment

Your email address will not be published. Required fields are marked *

loader-image
London, GB
5:51 am, Apr 2, 2025
weather icon 7°C
L: 5° | H: 8°
clear sky
Humidity: 82 %
Pressure: 1023 mb
Wind: 6 mph NE
Wind Gust: 0 mph
UV Index: 0
Precipitation: 0 mm
Clouds: 0%
Rain Chance: 0%
Visibility: 10 km
Sunrise: 6:33 am
Sunset: 7:34 pm
DailyHourly
Daily ForecastHourly Forecast
Today 10:00 pm
weather icon
5° | 8°°C 0 mm 0% 15 mph 82 % 1023 mb 0 mm/h
Tomorrow 10:00 pm
weather icon
9° | 16°°C 0 mm 0% 11 mph 85 % 1022 mb 0 mm/h
Fri Apr 04 10:00 pm
weather icon
10° | 18°°C 0 mm 0% 14 mph 85 % 1022 mb 0 mm/h
Sat Apr 05 10:00 pm
weather icon
7° | 17°°C 0 mm 0% 12 mph 76 % 1022 mb 0 mm/h
Sun Apr 06 10:00 pm
weather icon
7° | 14°°C 0 mm 0% 11 mph 76 % 1025 mb 0 mm/h
Today 7:00 am
weather icon
7° | 7°°C 0 mm 0% 10 mph 82 % 1023 mb 0 mm/h
Today 10:00 am
weather icon
8° | 12°°C 0 mm 0% 14 mph 76 % 1023 mb 0 mm/h
Today 1:00 pm
weather icon
12° | 15°°C 0 mm 0% 15 mph 60 % 1022 mb 0 mm/h
Today 4:00 pm
weather icon
15° | 15°°C 0 mm 0% 15 mph 56 % 1021 mb 0 mm/h
Today 7:00 pm
weather icon
13° | 13°°C 0 mm 0% 12 mph 61 % 1021 mb 0 mm/h
Today 10:00 pm
weather icon
10° | 10°°C 0 mm 0% 10 mph 69 % 1021 mb 0 mm/h
Tomorrow 1:00 am
weather icon
10° | 10°°C 0 mm 0% 10 mph 76 % 1021 mb 0 mm/h
Tomorrow 4:00 am
weather icon
9° | 9°°C 0 mm 0% 9 mph 80 % 1020 mb 0 mm/h
Name Price24H (%)
Bitcoin(BTC)
€78,226.51
1.59%
Ethereum(ETH)
€1,739.47
2.15%
Tether(USDT)
€0.93
0.01%
XRP(XRP)
€1.94
-0.36%
Solana(SOL)
€115.29
-1.27%
USDC(USDC)
€0.93
0.00%
Dogecoin(DOGE)
€0.158558
1.44%
Shiba Inu(SHIB)
€0.000011
-2.88%
Pepe(PEPE)
€0.000007
2.95%
Scroll to Top