Cisco Product Security Update Advisory

Overview

Cisco has released security updates that address vulnerabilities in Cisco products. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-20241

Nexus 3000 Series Switches Versions: All Versions
Nexus 9000 Series Switches in standalone NX-OS mode Versions: All Versions

CVE-2025-20317

NFVIS Version: 4.18 or earlier
UCS Manager Software Version: 4.1 or earlier
UCS Manager Software Version: 4.2
UCS Manager Software Version: 4.3
UCS B-Series and X-Series Servers in UCS Manager Mode Version: 4.1 or earlier
UCS B-Series and X-Series Servers in UCS Manager Mode Version: 4.2
UCS B-Series and X-Series Servers in UCS Manager Mode Version: 4.3
UCS B-Series Servers in Intersight Managed Mode Version: Less than 4.2
UCS B-Series Servers in Intersight Managed Mode Version: 3.2
UCS B-Series Servers in Intersight Managed Mode Version: 5.1
UCS B-Series Servers in Intersight Managed Mode Version: 5.2
UCS B-Series Servers in Intersight Managed Mode Version: 5.3
UCS X-Series Servers in Intersight Managed Mode Version: 5.0
UCS X-Series Servers in Intersight Managed Mode Version: 5.1
UCS X-Series Servers in Intersight Managed Mode Version: 5.2
UCS X-Series Servers in Intersight Managed Mode Version: 5.3
UCS C-Series Servers in Standalone Mode or Intersight Managed Mode Version: Less than 4.2
UCS C-Series Servers in Standalone Mode or Intersight Managed Mode Version: 4.2
UCS C-Series Servers in Standalone Mode or Intersight Managed Mode Version: 4.3
UCS C-Series Servers in UCS Manager Mode Version: Less than 4.2
UCS C-Series Servers in UCS Manager Mode Version: 4.2
UCS C-Series Servers in UCS Manager Mode Version: 4.3
UCS E-Series M6 Server Version: 4.15 or earlier

Resolved Vulnerabilities

IS-IS Denial of Service Vulnerability in Cisco Nexus 3000 and 9000 Series Switches (CVE-2025-20127)
VKVM Open Redirect Vulnerability in the Cisco UCS Family of Products (CVE-2025-20317)

Vulnerability Patches

Patches for these vulnerabilities are available in the latest updates. Follow the instructions on the referenced sites to update to the latest patched version.

CVE-2025-20241

Nexus 3000 Series Switches Versions: See Referenced Sites [1] for updates
Nexus 9000 Series Switches in standalone NX-OS mode Versions: See Referenced Sites [1] for updates

CVE-2025-20317

NFVIS Version: 4.18.1
UCS Manager Software Version: 4.2(3p)
UCS Manager Software Version: 4.3(6a)
UCS B-Series and X-Series Servers in UCS Manager Mode Version: 4.2(3o)
UCS B-Series and X-Series Servers in UCS Manager Mode Version: 4.3(5c)
UCS B-Series Servers in Intersight Managed Mode Version: 4.2(3l)
UCS B-Series Servers in Intersight Managed Mode Version: 5.3(0.250001)
UCS X-Series Servers in Intersight Managed Mode Version: 5.0(4i)
UCS X-Series Servers in Intersight Managed Mode Version: 5.3(0.250001)
UCS C-Series Servers in Standalone Mode or Intersight Managed Mode Version: 4.2(3o)
UCS C-Series Servers in Standalone Mode or Intersight Managed Mode Version: 4.3(5.250001)
UCS C-Series Servers in UCS Manager Mode Version: 4.2(3o)
UCS C-Series Servers in UCS Manager Mode Version: 4.3(5c)
UCS E-Series M6 Server Version: 4.15.2

References

[1] Cisco Nexus 3000 and 9000 Series Switches Intermediate System-to-Intermediate System Denial of Service Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n39k-isis-dos-JhJA8Rfx
[2] Cisco Integrated Management Controller Virtual Keyboard Video Monitor Open Redirect Vulnerability
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ucs-vkvmorv-CnKrV7HK