Cisco has patched a critical vulnerability in IOS XE Software for Wireless LAN Controllers (WLCs): a hard-coded JSON Web Token (JWT) that lets an unauthenticated remote attacker fully compromise a device. The flaw is exploitable only on controllers that have the Out-of-Band AP Image Download feature enabled, which is not the default. (Affected: Cisco IOS XE Wireless LAN Controllers)
Key points:
- Cisco fixed a critical vulnerability caused by a hard-coded JWT in IOS XE Software for Wireless LAN Controllers.
- Because the token is static and shared across devices, an unauthenticated remote attacker can use it against the ‘Out-of-Band AP Image Download’ interface, when that feature is enabled, to take control of the device.
- Successful exploitation allows arbitrary file upload, path traversal, and execution of arbitrary commands with root privileges.
- The vulnerability is tracked as CVE-2025-20188 and carries the maximum CVSS base score of 10.0.
- It affects specific Cisco wireless controllers and access points, and only when the vulnerable feature is enabled; the feature is disabled by default.
- Cisco has released fixed software, and administrators should upgrade promptly. Until the upgrade is applied, disabling the Out-of-Band AP Image Download feature removes the attack surface; APs then fall back to the CAPWAP method for image downloads.
- Cisco is not aware of active exploitation, but given the severity and the simplicity of a static-credential bug, attackers can be expected to scan for exposed controllers with the feature enabled.
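The first thing an operator needs is a way to find which controllers actually have the feature turned on. The script below is an added example, not code from Cisco or from the article: it triages a set of saved "show running-config" dumps for the line that Cisco's advisory names as the indicator, "ap upgrade method https" (the feature is off by default, so absence of the line means the device is not exposed). The three config dumps are constructed for the example, and the function names are this example's own.

```shell
#!/bin/sh
# Added example (not Cisco's or the article's code): flag controllers whose
# running config enables the Out-of-Band AP Image Download feature, the
# precondition for exploiting CVE-2025-20188. Indicator string per Cisco's
# advisory: a config line reading "ap upgrade method https".

# Returns 0 (true) if the config dump in $1 has the feature enabled.
# The pattern is anchored at line start so that a remark or comment that
# merely mentions the string does not produce a false positive.
oob_ap_image_download_enabled() {
    grep -Eq '^ap upgrade method https( |$)' "$1"
}

# Writes three constructed config dumps into directory $1. Only the first
# enables the feature; the third mentions the string inside an IOS "!"
# comment line, which must not count.
make_sample_configs() {
    mkdir -p "$1"
    printf 'hostname wlc-branch-01\nap upgrade method https\nwireless mobility group name corp\n' \
        > "$1/wlc-branch-01.cfg"
    printf 'hostname wlc-hq-01\nwireless mobility group name corp\n' \
        > "$1/wlc-hq-01.cfg"
    printf 'hostname wlc-lab-02\n! ap upgrade method https was removed 2025-05-08\nwireless mobility group name corp\n' \
        > "$1/wlc-lab-02.cfg"
}

# Prints the hostname of every exposed controller found under directory $1.
list_exposed() {
    for f in "$1"/*.cfg; do
        if oob_ap_image_download_enabled "$f"; then
            awk '/^hostname /{print $2; exit}' "$f"
        fi
    done
}

# Prints the number of exposed controllers under directory $1.
count_exposed() {
    list_exposed "$1" | wc -l | tr -d ' '
}

# Stand-alone demo over the constructed dumps.
tmp=$(mktemp -d)
make_sample_configs "$tmp"
echo "Controllers with Out-of-Band AP Image Download enabled:"
list_exposed "$tmp"
echo "Exposed: $(count_exposed "$tmp") of 3"
rm -rf "$tmp"
```

Point the functions at a directory of real config dumps (one `.cfg` per controller) to get the list of devices that need either the fixed release or the feature disabled first; everything else in the fleet is not reachable through this bug regardless of version.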