Forwarded by Taiwan Computer Emergency Readiness/Response Team (TWCERT/CC) - TWCERTCC-200-202509-00000014
[Description]
Cisco has released a critical security vulnerability advisory (CVE-2025-20334, CVSS: 8.8). This vulnerability exists in the HTTP API subsystem of Cisco IOS XE. Due to insufficient input validation, an attacker with administrator privileges can exploit this vulnerability by sending a specially crafted API request to the affected system. Alternatively, an unauthenticated remote attacker can trick a legitimate user with administrator privileges into clicking a malicious link to trigger the vulnerability. Once exploited, the attacker may be able to execute arbitrary commands as root on the affected system.
[Affected Platforms]
Cisco IOS XE systems with the HTTP server feature enabled are potentially vulnerable. Users are advised to check their version against the official website to determine if they are affected.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-cmd-inject-rPJM8BGL#fs
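The exposure condition above (HTTP server feature enabled) can be checked from saved device output before consulting the version tables in the Cisco advisory. The following script is an added example, not TWCERT/CC or Cisco code: it parses captured `show running-config` and `show version` text, reports whether `ip http server` or `ip http secure-server` is active, and extracts the IOS XE version string for comparison. The sample configuration and the version "17.X.Y" are constructed placeholders; the script deliberately does not decide whether a given version is affected, since that determination comes only from the linked advisory.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Constructed sample of `show running-config` output (hypothetical device, not from the advisory).
SAMPLE_RUNNING_CONFIG = """\
!
hostname edge-router-01
!
ip http server
ip http secure-server
ip http authentication local
!
interface GigabitEthernet1
 ip address 192.0.2.10 255.255.255.0
!
"""

# Constructed `show version` banner line; "17.X.Y" is a placeholder, not a real release.
SAMPLE_SHOW_VERSION = "Cisco IOS XE Software, Version 17.X.Y"


@dataclass
class HttpServerState:
    http_enabled: bool      # `ip http server` (plain HTTP listener) is active
    https_enabled: bool     # `ip http secure-server` (HTTPS listener) is active
    version: Optional[str]  # IOS XE version token, or None if it could not be found

    @property
    def exposed(self) -> bool:
        """The HTTP API subsystem is reachable when either listener is enabled."""
        return self.http_enabled or self.https_enabled


def parse_http_server_state(running_config: str) -> Tuple[bool, bool]:
    """Walk the running-config and track the final state of both HTTP listeners.

    Later lines win, so a `no ip http server` after `ip http server` disables it.
    Lines are compared exactly after stripping indentation.
    """
    http = https = False
    for raw in running_config.splitlines():
        line = raw.strip()
        if line == "ip http server":
            http = True
        elif line == "no ip http server":
            http = False
        elif line == "ip http secure-server":
            https = True
        elif line == "no ip http secure-server":
            https = False
    return http, https


def extract_ios_xe_version(show_version: str) -> Optional[str]:
    """Pull the version token out of the `show version` banner line."""
    m = re.search(r"Cisco IOS XE Software, Version\s+([^\s,]+)", show_version)
    return m.group(1) if m else None


def assess(running_config: str, show_version: str) -> HttpServerState:
    """Combine both captures into one exposure record."""
    http, https = parse_http_server_state(running_config)
    return HttpServerState(http, https, extract_ios_xe_version(show_version))


def report(state: HttpServerState) -> List[str]:
    """Turn the state into operator-facing findings; affected-version lookup stays with Cisco's advisory."""
    if not state.exposed:
        return ["HTTP server feature disabled; the HTTP API subsystem is not reachable"]
    listeners = [name for name, on in (("ip http server", state.http_enabled),
                                       ("ip http secure-server", state.https_enabled)) if on]
    return [
        f"HTTP server feature enabled ({', '.join(listeners)}); compare version "
        f"{state.version or 'unknown'} against the Cisco advisory for CVE-2025-20334"
    ]


if __name__ == "__main__":
    for finding in report(assess(SAMPLE_RUNNING_CONFIG, SAMPLE_SHOW_VERSION)):
        print(finding)
```

Feed it the text of `show running-config` and `show version` collected from each device (for example, from a configuration backup) and act on the devices it flags; a device whose HTTP server is disabled is outside the condition the advisory describes, while a flagged device still needs its version checked against the advisory before deciding on an upgrade.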
[Recommended Actions]
Please refer to the official documentation for updates: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xe-cmd-inject-rPJM8BGL
[References]
1. https://www.twcert.org.tw/tw/cp-169-10410-5dfbf-1.html
[Security Vulnerability Alert] Cisco IOS XE contains a high-risk security vulnerability (CVE-2025-20334)
Announcement category: Administrative announcement
Publication date: 2025/09/30 to 2026/03/30