Cisco disclosed a critical security vulnerability affecting Cisco Meraki MX and Z Series devices, which presents significant risks to enterprise networks. The vulnerability tracked as CVE-2025-20212 and associated with allows authenticated remote attackers to trigger denial of service (DoS) conditions by manipulating SSL VPN session attributes. This high-severity flaw, which has a CVSS base score of 7.7, impacts organizations that rely on Cisco AnyConnect VPN for secure remote access solutions.

The vulnerability allows manipulation of the session state as the server processes incoming requests, reads the Cisco advisory. The system is designed to recover automatically without manual intervention once attack traffic ceases, but the business impact during exploitation remains significant, with possible interruption of critical operations.

On Cisco Meraki MX devices, administrators can check whether AnyConnect VPN is enabled by logging into the Dashboard, navigating to “Security & SD-WAN > Configure > Client VPN” and selecting the AnyConnect Settings tab. For Z Series devices, administrators should check under “Teleworker Gateway > Configure > Client VPN.” If the “Enabled” radio button is active, immediate action is required.

The integration of both Client VPN (L2TP/IPsec) and AnyConnect VPN (SSL/DTLS) services in Meraki devices introduces additional security challenges, requiring vigilant firmware management. Cisco recommends following firmware best practices and ensuring devices have sufficient memory and compatible hardware configurations before upgrading.

The CVSS vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:X/RL:X/RC:X indicates that while authentication is required, the attack complexity is low, making exploitation relatively straightforward in real-world network environments.
This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 03 Apr 2025 14:15:19 +0000