June 4, 2025
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
WSHRAT aka Houdini – Active IOCs
May 8, 2025
CVE-2025-33093 – IBM Sterling Partner Engagement Manager Vulnerability
May 8, 2025
WSHRAT aka Houdini – Active IOCs
May 8, 2025
CVE-2025-33093 – IBM Sterling Partner Engagement Manager Vulnerability
May 8, 2025
Severity
Medium
Analysis Summary
CVE-2025-20188
A vulnerability in the Out-of-Band Access Point (AP) Image Download feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system.
Impact
- Gain Access
Indicators of Compromise
CVE
CVE-2025-20188
Affected Vendors
- Cisco
Affected Products
- Cisco Catalyst 9800 Series Wireless Controllers
- Cisco Catalyst 9800-CL Wireless Controllers for Cloud
- Cisco Embedded Wireless Controller on Catalyst APs
- Cisco Catalyst 9800 Embedded Wireless Controller for Catalyst 9300 - 9400 - 9500 Series Switches
Remediation
Refer to Cisco Security Advisory for patch, upgrade, or suggested workaround information.
