By Tushar Subhra Dutta
Publication Date: 2025-11-15 14:48:00
A serious security flaw has been discovered in Cisco Catalyst Center Virtual Appliance that allows attackers with low-level access to gain full administrator control over affected systems.
The vulnerability, tracked as CVE-2025-20341, impacts virtual appliances running on VMware ESXi and carries a high severity rating with a CVSS score of 8.8.
This flaw poses a major risk to organizations using these systems for network management and monitoring.
The vulnerability stems from poor input validation within the system. When users submit data through web requests, the software fails to properly check and verify the information.
This oversight creates an opportunity for attackers to send specially designed HTTP requests that trick the system into granting them higher privileges.
The attack can be carried out remotely over the network, making it particularly dangerous for exposed systems.
What makes this vulnerability concerning is that an…