SB2025041702 - Privilege escalation in Cisco Secure Network Analytics

Description

This security bulletin contains information about 1 vulnerability.

1) Improper Verification of Cryptographic Signature (CVE-ID: CVE-2025-20178)

CWE-ID: CWE-347 - Improper Verification of Cryptographic Signature

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

The vulnerability allows a remote user to escalate privileges on the system.

The vulnerability exists due to insufficient integrity checks within device backup files in the web-based management interface of Cisco Secure Network Analytics. A remote privileged user can bypass implemented signature verification processes using a specially crafted backup file and restore it on the system, which can result in obtaining root privileges.

Remediation

Install update from vendor's website.

References

• https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sna-prvesc-4BQmK33Z
• https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwn51215