Cisco has identified a critical security vulnerability in its Meraki MX and Z Series devices, which could allow unauthenticated attackers to launch denial of service (DoS) attacks against AnyConnect VPN services. The flaw, tracked as CVE-2025-20271 with a CVSS score of 8.6, stems from variable initialization errors during SSL VPN sessions. Exploitation of this vulnerability can cause the VPN server to restart, terminating all sessions and forcing users to re-authenticate. A sustained attack could render the VPN service unavailable, preventing legitimate users from establishing new connections. The vulnerability affects a wide range of Cisco Meraki devices and requires no authentication to execute, making it particularly dangerous for exposed systems.
Source: https://cybersecuritynews.com/cisco-anyconnect-vpn-server-vulnerability-2/
TPRM report: https://scoringcyber.rankiteo.com/company/cisco-meraki
"id": "cis303061925",
"linkid": "cisco-meraki",
"type": "Vulnerability",
"date": "6/2025",
"severity": "50",
"impact": "1",
"explanation": "Attack without any consequences"
{'affected_entities': [{'industry': 'Networking Equipment',
                        'name': 'Cisco',
                        'type': 'Technology Company'}],
 'attack_vector': 'Sending a sequence of crafted HTTPS requests',
 'date_detected': 'June 18, 2025',
 'date_publicly_disclosed': 'June 18, 2025',
 'description': 'A critical security vulnerability affecting Cisco Meraki MX and Z Series devices could allow unauthenticated attackers to launch denial of service (DoS) attacks against AnyConnect VPN services.',
 'impact': {'downtime': 'Complete VPN service disruption',
            'systems_affected': ['Cisco Meraki MX and Z Series devices']},
 'post_incident_analysis': {'corrective_actions': ['Software updates in versions 18.107.13, 18.211.6, and 19.1.8'],
                            'root_causes': 'Variable initialization errors during SSL VPN sessions'},
 'response': {'enhanced_monitoring': ['Expand vulnerability monitoring beyond traditional network perimeters'],
              'remediation_measures': ['Software updates addressing this vulnerability across multiple firmware branches']},
 'title': 'Cisco Meraki AnyConnect VPN DoS Flaw',
 'type': 'Denial of Service (DoS)',
 'vulnerability_exploited': 'CVE-2025-20271 (CWE-457)'}