Exploited CVEs / By vendor / Cisco

Cisco vulnerabilities actively exploited

93 Cisco CVEs on the CISA Known Exploited Vulnerabilities catalog, newest first. Refreshed daily.

Every CVE below is confirmed exploited in the wild, not just theoretically severe. The newest addition is CVE-2026-20230 (Unified Communications Manager, added 2026-06-25). 6 of the 93 are used in ransomware campaigns. New CISA KEV entries appear here the day they are cataloged; the freshest across all vendors are on exploited this week.

93 exploited CVEs6 ransomware-linked

Ask your own AI about Cisco exploited CVEs

Copy this prompt into Claude, ChatGPT, or Copilot. The facts are included, sourced from this page.

IOS and IOS XE Software: 14 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2017-6742IOS and IOS XE Software2023-04-19CVSS 8.8, EPSS 21%
CVE-2017-12237IOS and IOS XE Software2022-03-03CVSS 7.5, EPSS 7%
CVE-2017-12240IOS and IOS XE Software2022-03-03CVSS 9.8, EPSS 14%
CVE-2017-6627IOS and IOS XE Software2022-03-03CVSS 7.5, EPSS 6%
CVE-2017-6663IOS and IOS XE Software2022-03-03CVSS 6.5, EPSS 2%
CVE-2017-6736IOS and IOS XE Software2022-03-03CVSS 8.8, EPSS 71%
CVE-2017-6737IOS and IOS XE Software2022-03-03CVSS 8.8, EPSS 43%
CVE-2017-6738IOS and IOS XE Software2022-03-03CVSS 8.8, EPSS 11%
CVE-2017-6739IOS and IOS XE Software2022-03-03CVSS 8.8, EPSS 11%
CVE-2017-6740IOS and IOS XE Software2022-03-03CVSS 8.8, EPSS 11%
CVE-2017-6743IOS and IOS XE Software2022-03-03CVSS 8.8, EPSS 11%
CVE-2018-0151IOS and IOS XE Software2022-03-03CVSS 9.8, EPSS 14%
CVE-2018-0172IOS and IOS XE Software2022-03-03CVSS 8.6, EPSS 8%
CVE-2018-0173IOS and IOS XE Software2022-03-03CVSS 8.6, EPSS 8%

Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD): 6 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2024-20481Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)2024-10-24CVSS 5.8, EPSS 16%
CVE-2024-20353Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)2024-04-24CVSS 8.6, EPSS 63%
CVE-2024-20359Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)2024-04-24CVSS 6.0, EPSS 17%
CVE-2020-3259Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)2024-02-15ransomware, CVSS 7.5, EPSS 72%
CVE-2020-3452Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)2021-11-03CVSS 7.5, EPSS 100%
CVE-2020-3580Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD)2021-11-03ransomware, CVSS 6.1, EPSS 85%

IOS XR: 6 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2022-20821IOS XR2022-05-23CVSS 6.5, EPSS 12%
CVE-2009-2055IOS XR2022-03-25CVSS 5.9, EPSS 3%
CVE-2010-3035IOS XR2022-03-25CVSS 7.5, EPSS 6%
CVE-2020-3118IOS XR2021-11-03CVSS 8.8, EPSS 12%
CVE-2020-3566IOS XR2021-11-03CVSS 8.6, EPSS 4%
CVE-2020-3569IOS XR2021-11-03CVSS 8.6, EPSS 3%

IOS software: 6 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2017-12231IOS software2022-03-03CVSS 7.5, EPSS 7%
CVE-2017-12232IOS software2022-03-03CVSS 6.5, EPSS 2%
CVE-2017-12233IOS software2022-03-03CVSS 7.5, EPSS 7%
CVE-2017-12234IOS software2022-03-03CVSS 7.5, EPSS 7%
CVE-2017-12235IOS software2022-03-03CVSS 7.5, EPSS 7%
CVE-2017-6744IOS software2022-03-03CVSS 8.8, EPSS 7%

Small Business RV160, RV260, RV340, and RV345 Series Routers: 5 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2022-20699Small Business RV160, RV260, RV340, and RV345 Series Routers2022-03-03CVSS 9.8, EPSS 72%
CVE-2022-20700Small Business RV160, RV260, RV340, and RV345 Series Routers2022-03-03CVSS 9.8, EPSS 6%
CVE-2022-20701Small Business RV160, RV260, RV340, and RV345 Series Routers2022-03-03CVSS 7.8, EPSS 10%
CVE-2022-20703Small Business RV160, RV260, RV340, and RV345 Series Routers2022-03-03CVSS 8.0, EPSS 9%
CVE-2022-20708Small Business RV160, RV260, RV340, and RV345 Series Routers2022-03-03CVSS 8.0, EPSS 15%

Catalyst SD-WAN Manager: 4 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2026-20262Catalyst SD-WAN Manager2026-06-15CVSS 6.5, EPSS 8%
CVE-2026-20245Catalyst SD-WAN Manager2026-06-09CVSS 7.8, EPSS 25%
CVE-2026-20128Catalyst SD-WAN Manager2026-04-20CVSS 7.5, EPSS 5%
CVE-2026-20133Catalyst SD-WAN Manager2026-04-20CVSS 7.5, EPSS 10%

IOS and IOS XE: 4 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2025-20352IOS and IOS XE2025-09-29CVSS 7.7, EPSS 38%
CVE-2023-20109IOS and IOS XE2023-10-10CVSS 6.6, EPSS 2%
CVE-2017-3881IOS and IOS XE2022-03-25CVSS 9.8, EPSS 99%
CVE-2018-0171IOS and IOS XE2021-11-03CVSS 9.8, EPSS 100%

Adaptive Security Appliance (ASA): 4 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2014-2120Adaptive Security Appliance (ASA)2024-11-12CVSS 6.1, EPSS 14%
CVE-2016-6366Adaptive Security Appliance (ASA)2022-05-24CVSS 8.8, EPSS 88%
CVE-2016-6367Adaptive Security Appliance (ASA)2022-05-24CVSS 7.8, EPSS 23%
CVE-2018-0296Adaptive Security Appliance (ASA)2021-11-03CVSS 7.5, EPSS 100%

IOS Software: 4 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2018-0154IOS Software2022-03-03CVSS 7.5, EPSS 7%
CVE-2018-0161IOS Software2022-03-03CVSS 6.3, EPSS 5%
CVE-2018-0179IOS Software2022-03-03CVSS 5.9, EPSS 5%
CVE-2018-0180IOS Software2022-03-03CVSS 5.9, EPSS 5%

IOS Software and Cisco IOS XE Software: 3 exploited CVEs

CVEProductAdded to KEVSignals
CVE-2018-0156IOS Software and Cisco IOS XE Software2022-03-03CVSS 7.5, EPSS 8%
CVE-2018-0158IOS Software and Cisco IOS XE Software2022-03-03CVSS 8.6, EPSS 7%
CVE-2018-0159IOS Software and Cisco IOS XE Software2022-03-03CVSS 7.5, EPSS 7%

Other Cisco products

CVEProductAdded to KEVSignals
CVE-2026-20230Unified Communications Manager2026-06-25CVSS 8.6, EPSS 42%
CVE-2026-20182Catalyst SD-WAN2026-05-14CVSS 10.0, EPSS 88%
CVE-2026-20122Catalyst SD-WAN Manger2026-04-20CVSS 5.4, EPSS 7%
CVE-2026-20131Secure Firewall Management Center (FMC)2026-03-19ransomware, CVSS 10.0, EPSS 28%
CVE-2022-20775SD-WAN2026-02-25CVSS 7.8, EPSS 12%
CVE-2026-20127Catalyst SD-WAN Controller and Manager2026-02-25CVSS 10.0, EPSS 58%
CVE-2026-20045Unified Communications Manager2026-01-21CVSS 9.8, EPSS 4%
CVE-2025-20393Multiple Products2025-12-17CVSS 10.0, EPSS 29%
CVE-2025-20333Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense2025-09-25CVSS 9.9, EPSS 40%
CVE-2025-20362Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense2025-09-25CVSS 8.6, EPSS 86%
CVE-2025-20281Identity Services Engine2025-07-28CVSS 10.0, EPSS 97%
CVE-2025-20337Identity Services Engine2025-07-28CVSS 10.0, EPSS 65%
CVE-2024-20439Smart Licensing Utility2025-03-31CVSS 9.8, EPSS 92%
CVE-2023-20118Small Business RV Series Routers2025-03-03CVSS 7.2, EPSS 54%
CVE-2024-20399NX-OS2024-07-02CVSS 6.7, EPSS 4%
CVE-2023-20273Cisco IOS XE Web UI2023-10-23CVSS 7.2, EPSS 90%
CVE-2023-20198IOS XE Web UI2023-10-16CVSS 10.0, EPSS 100%
CVE-2023-20269Adaptive Security Appliance and Firepower Threat Defense2023-09-13ransomware, CVSS 9.1, EPSS 22%
CVE-2004-1464IOS2023-05-19CVSS 5.9, EPSS 5%
CVE-2016-6415IOS, IOS XR, and IOS XE2023-05-19CVSS 7.5, EPSS 88%
CVE-2020-3153AnyConnect Secure2022-10-24ransomware, CVSS 6.5, EPSS 28%
CVE-2020-3433AnyConnect Secure2022-10-24ransomware, CVSS 7.8, EPSS 10%
CVE-2019-15271RV Series Routers2022-06-08CVSS 8.8, EPSS 6%
CVE-2015-0666Prime Data Center Network Manager (DCNM)2022-03-25CVSS 7.5, EPSS 41%
CVE-2018-0125VPN Routers2022-03-25CVSS 9.8, EPSS 55%
CVE-2018-0147Secure Access Control System (ACS)2022-03-25CVSS 9.8, EPSS 19%
CVE-2017-12238Catalyst 6800 Series Switches2022-03-03CVSS 6.5, EPSS 2%
CVE-2017-12319IOS XE Software2022-03-03CVSS 5.9, EPSS 5%
CVE-2018-0155Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches2022-03-03CVSS 8.6, EPSS 8%
CVE-2018-0167IOS, XR, and XE Software2022-03-03CVSS 8.8, EPSS 3%
CVE-2018-0174IOS XE Software2022-03-03CVSS 8.6, EPSS 8%
CVE-2018-0175IOS, XR, and XE Software2022-03-03CVSS 8.0, EPSS 4%
CVE-2019-1652Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers2022-03-03CVSS 7.2, EPSS 96%
CVE-2019-1653Small Business RV320 and RV325 Routers2021-11-03CVSS 7.5, EPSS 100%
CVE-2020-3161Cisco IP Phones2021-11-03CVSS 9.8, EPSS 84%
CVE-2021-1497HyperFlex HX2021-11-03CVSS 9.8, EPSS 100%
CVE-2021-1498HyperFlex HX2021-11-03CVSS 9.8, EPSS 100%

Common questions about exploited Cisco CVEs

Which Cisco vulnerabilities are actively exploited?

As of July 2026, 93 Cisco CVEs are on the CISA Known Exploited Vulnerabilities catalog, meaning exploitation in the wild is confirmed. The most-listed products are IOS and IOS XE Software (14), Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) (6), IOS XR (6), IOS software (6). 6 are linked to ransomware campaigns.

What is the newest exploited Cisco CVE?

CVE-2026-20230, affecting Unified Communications Manager, added to the CISA KEV catalog on 2026-06-25. This page refreshes daily, so the newest entry is always first in the table.

How urgent are these Cisco CVEs?

KEV listing is the strongest fix-first signal there is: it means confirmed exploitation, not a prediction. Patch these ahead of higher-CVSS issues that nobody is exploiting. Check the vendor advisory (linked below) for fixed versions and workarounds.

Can I ask my own AI about exploited Cisco CVEs?

Yes. This page includes a free copy-paste AI prompt carrying the newest Cisco KEV entries, with CVSS, EPSS, and ransomware context, into Claude, ChatGPT, or Copilot. The data is refreshed daily.

All vendors, searchable with due dates and CSV export: the exploited-CVE tracker. Every vendor with a page: exploited by vendor.

Sponsored by SenservaMicrosoft 365, Intune, Defender, and Entra ID security and compliance, with automated remediation and Trustworthy AI.Scan free
Lexicon: the terms on this page
CVE
Common Vulnerabilities and Exposures. A unique ID for one publicly known vulnerability, such as CVE-2025-1234.
KB
Microsoft Knowledge Base article. The identifier for a specific Microsoft update.
KEV
CISA Known Exploited Vulnerabilities. CVEs confirmed exploited in the wild. Fix these first.
CVSS
Common Vulnerability Scoring System. A standardized Severity score from 0 to 10.
EPSS
Exploit Prediction Scoring System. The probability a CVE will be exploited in the next 30 days.
MSRC
Microsoft Security Response Center. Microsoft's Patch Tuesday advisories and KB-to-CVE mapping.
NVD
National Vulnerability Database (NIST). Authoritative CVE metadata and CVSS scores.
Ransomware
The vulnerability is linked to known ransomware activity.
Reference: the Microsoft patching guide, how Intune, Windows Autopatch, Defender, and Azure Update Manager fit together.
Data notice: this page, the feeds, and the API are provided as is, for informational purposes only, without warranty of any kind. Senserva, LLC does not guarantee the accuracy, completeness, or timeliness of third-party data (MSRC, NVD, CISA KEV, EPSS) and accepts no liability for actions taken based on it; verify against the authoritative vendor advisory before acting. Built daily with Senserva Trustworthy AI. All use of this data is subject to the Senserva EULA.