Cisco Patches High-Severity DoS Vulnerabilities in Meraki Devices and Enterprise Chat System

131/68 Friday, April 4, 2025

Cisco has released patches for two high-severity vulnerabilities that could be exploited for denial-of-service (DoS) attacks against Meraki MX and Meraki Z Series devices and against the Enterprise Chat and Email (ECE) platform.

The first flaw, CVE-2025-20212, affects the Cisco AnyConnect VPN server on Meraki MX and Z Series devices. It can only be exploited by an authenticated remote attacker holding valid VPN user credentials, who supplies crafted attributes while establishing an SSL VPN session. A successful exploit restarts the AnyConnect VPN server, tearing down established SSL VPN sessions and forcing remote users to reconnect and reauthenticate; a sustained attack can prevent new VPN connections from being established. Cisco has released fixed firmware and recommends that customers still running older firmware branches upgrade without delay.

The second vulnerability, CVE-2025-20139, affects the chat messaging feature of the ECE platform. Because user-supplied input to chat entry points is insufficiently validated, an unauthenticated remote attacker can send malicious requests to a chat entry point and cause the application to stop responding, a DoS condition that requires a manual restart by administrators to recover. Default ECE installations are not affected, but Cisco urges customers running vulnerable versions to upgrade to 12.6 ES 10, which includes the fix.

Cisco also released patches for two medium-severity cross-site scripting (XSS) vulnerabilities in its Evolved Programmable Network Manager (EPNM) and Prime Infrastructure. Cisco is not aware of in-the-wild exploitation of any of the newly disclosed flaws but strongly recommends applying the updates promptly. The company also pointed to two previously patched Cisco Smart Licensing Utility vulnerabilities, CVE-2024-20439 and CVE-2024-20440, which came under active exploitation in early 2025, underscoring the importance of timely patching.

Source: https://www.securityweek.com/vulnerabilities-expose-cisco-meraki-and-ece-products-to-dos-attacks/