Affected Vendors This Week:
- Cisco: 9 CVEs (all medium severity)
This week brings nine medium-severity vulnerabilities, all in Cisco infrastructure and collaboration products. None reaches the critical threshold, but the spread of affected systems (unified communications platforms, IP phones and network management tools) means most organizations running Cisco gear will have at least one of them in their estate, and several are exploitable without credentials.
Cisco Unified Communications & IP Phones
The most impactful vulnerability this week is CVE-2025-20330 (CVSS 6.1), which affects the web-based management interface of Cisco Unified Communications Manager IM & Presence Service. An unauthenticated, remote attacker could exploit it to conduct unauthorized actions; the summary gives no more detail than that, so check the advisory for the precise attack. It should still be patched first: no credentials are needed, and a web management interface is a natural target. While patching, also verify that this interface is reachable only from administrative networks and not from user segments or the internet.
Administrators of Cisco phones should also track CVE-2025-20335 and CVE-2025-20336 (both CVSS 5.3), which stem from directory permission problems on Cisco Desk Phone 9800 Series, IP Phone 7800 and 8800 Series, and Video Phone 8875. An unauthenticated remote attacker could write to, or read from, directories on an affected device. Phones are numerous and rarely on a regular patch cadence, so inventory the affected models and firmware versions now rather than at the next maintenance window.
Cisco Webex & Collaboration
CVE-2025-20328 (CVSS 5.4) affects the user profile component of Cisco Webex Meetings and allows an authenticated attacker with low privileges to conduct cross-site scripting (XSS) attacks. CVE-2025-20291 (CVSS 4.3) lets an unauthenticated attacker redirect Webex users to a site of the attacker's choosing, a ready-made phishing lure. Note that the redirect needs no account while the XSS does, so the lower score does not necessarily mean lower risk to your users.
Network Management Infrastructure
Three vulnerabilities affect Cisco's network management platforms. CVE-2025-20287 and CVE-2025-20280 both target Cisco Evolved Programmable Network Manager (EPNM): the former lets an authenticated attacker upload files to the system, the latter enables information disclosure. CVE-2025-20270 affects both EPNM and Cisco Prime Infrastructure. Management platforms hold device credentials and configuration for the entire network, so even medium-severity issues there deserve prompt patching, and their web interfaces should be confined to administrative networks.
Actionable Steps
- Check Cisco's security advisories, including the fixed-release tables in each, for patches addressing CVE-2025-20330, CVE-2025-20335, and CVE-2025-20336
- Review access controls on the web-based management interfaces for EPNM, Prime Infrastructure and IM & Presence Service; they should be reachable only from administrative networks
- Update Cisco Webex Meetings clients where the advisories call for it, and confirm in the advisories whether CVE-2025-20328 and CVE-2025-20291 need a client update on your side or are remediated by Cisco on the service side
- Prioritize by exposure, not by score alone: an unauthenticated bug on a management interface or a phone fleet reachable from user segments outranks an authenticated XSS with a higher CVSS number