Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT

/in

Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could enable an unauthenticated, remote attacker to upload arbitrary files to a susceptible system.
The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system.
“This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an

The Hacker News – ​Read More

‘Lemon Sandstorm’ Underscores Risks to Middle East Infrastructu...‘Lemon Sandstorm’ Underscores Risks to Middle East InfrastructureRussian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS MalwareRussian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware