Cisco has released software fixes to address a maximum-severity security flaw in its IOS XE Wireless Controller that could allow an unauthenticated, remote attacker to upload arbitrary files to a vulnerable system.
The vulnerability, tracked as CVE-2025-20188, has been rated 10.0 on the CVSS scoring system.
“This vulnerability is due to the presence of a hard-coded JSON Web Token (JWT) on an affected system,” the company said in a Wednesday advisory.

“An attacker could exploit this vulnerability by sending crafted HTTPS requests to the AP image download interface. A successful exploit could allow the attacker to upload files, perform path traversal, and execute arbitrary commands with root privileges.”
That said, for the exploitation to be successful, the Out-of-Band AP Image Download feature must be enabled on the device. It is disabled by default.
The following products are affected if they are running a vulnerable release and have the Out-of-Band AP Image Download feature turned on:
- Catalyst 9800-CL Wireless Controllers for Cloud
- Catalyst 9800 Embedded Wireless Controller for Catalyst 9300, 9400, and 9500 Series Switches
- Catalyst 9800 Series Wireless Controllers
- Embedded Wireless Controller on Catalyst APs
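The advisory names two weaknesses that compound each other: a secret shared by every unit of a product line (the hard-coded JWT), and an upload path that accepts attacker-controlled file names. The following is an added illustration of both design flaws and their fixes, written for this page; it is not Cisco's code and does not reflect how the IOS XE image download interface is implemented. The HS256 signer, the `DeviceAuth` class, the `SHIPPED_SECRET` placeholder and the `safe_upload_path` helper are all constructed for the example.

```python
import base64
import hashlib
import hmac
import json
import secrets
from pathlib import PurePosixPath
from typing import Optional


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def jwt_sign(claims: dict, key: bytes) -> str:
    """Minimal HS256 JWT signer (dependency-free so the example runs offline)."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    signature = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(signature)}"


def jwt_verify(token: str, key: bytes) -> Optional[dict]:
    """Return the claims if the token is a valid HS256 JWT under `key`, else None."""
    try:
        header, payload, signature = token.split(".")
        if json.loads(_b64url_decode(header)).get("alg") != "HS256":
            return None  # refuse "none" and any other algorithm the verifier did not choose
        expected = hmac.new(key, f"{header}.{payload}".encode(), hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(signature)):
            return None
        return json.loads(_b64url_decode(payload))
    except (ValueError, TypeError):
        return None


# Weak pattern: one signing secret baked into the firmware image. Every device
# ships with it, so anyone who extracts it from a single image can mint tokens
# that every other device accepts. (Constructed placeholder value.)
SHIPPED_SECRET = b"example-firmware-wide-secret"


def verify_with_shipped_secret(token: str) -> Optional[dict]:
    return jwt_verify(token, SHIPPED_SECRET)


# Hardened pattern: the secret is generated per device at provisioning time and
# never leaves it, so a token minted for one device is worthless on another.
class DeviceAuth:
    def __init__(self) -> None:
        self.secret = secrets.token_bytes(32)

    def issue(self, claims: dict) -> str:
        return jwt_sign(claims, self.secret)

    def verify(self, token: str) -> Optional[dict]:
        return jwt_verify(token, self.secret)


def safe_upload_path(base_dir: str, filename: str) -> Optional[str]:
    """Map an uploaded file name to a path strictly inside base_dir.

    Rejects absolute paths, multi-component names and the '.'/'..' entries, so a
    crafted name such as '../../etc/passwd' can never escape the upload directory.
    """
    name = PurePosixPath(filename)
    if name.is_absolute() or len(name.parts) != 1 or name.name in ("", ".", ".."):
        return None
    return str(PurePosixPath(base_dir) / name.name)


if __name__ == "__main__":
    device = DeviceAuth()
    token = device.issue({"sub": "ap-image-upload"})
    print("own device accepts token:", device.verify(token) is not None)
    print("other device accepts token:", DeviceAuth().verify(token) is not None)
    print("safe name ->", safe_upload_path("/var/ap-images", "ap-image.bin"))
    print("traversal name ->", safe_upload_path("/var/ap-images", "../../etc/passwd"))
```

The point of the two verifiers is that the JWT primitive itself is not at fault: `jwt_verify` is the same function in both cases. What changes is where the key comes from. Per-device keys also give defenders a useful property during incident response, since a key recovered from one unit cannot be replayed fleet-wide.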

While updating to the latest version is the best course of action, as a temporary mitigation, customers can disable the feature until an upgrade can be performed.
“With this feature disabled, AP image download will use the CAPWAP method for the AP image update feature, and this does not impact the AP client state,” Cisco added.
The networking equipment major credited X.B. of the Cisco Advanced Security Initiatives Group (ASIG) for discovering and reporting the bug during internal security testing. There is no evidence that the vulnerability has been maliciously exploited in the wild.