Vulnslist

find the latest Cisco vulnerabilities

Cisco ThousandEyes Endpoint Agent for MacOS and RoomOS Certificate Validation Vulnerability

cisco-sa-thousandeyes-cert-pqtJUv9N · Medium · Published · Updated

A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information. This vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N

Cisco advisory ·CSAF JSON

Workarounds

There are no workarounds that address this vulnerability. However, administrators may disable the agent instant test feature to prevent exploitation of the vulnerability on affected software versions.

While this mitigation has been deployed and was proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment.

CVEsCVE-2025-20126
Cisco Bug IDsCSCwm51243
CVSS ScoreBase 4.8
Base 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:X/RL:X/RC:X
Product Names From Source
Cisco ThousandEyes Endpoint Agent

CSAF Product Statuses

Product Status Source CVE Rows
Cisco ThousandEyes Endpoint Agent known_affected cisco_csaf CVE-2025-20126 1

Related Products

Product CVE Evidence
Cisco ThousandEyes Endpoint Agent CVE-2025-20126 Cisco OpenVuln