Cisco Patches Vulnerabilities in Nexus Switches


Cisco has patched command injection and DoS vulnerabilities in its Nexus switches, including CVE-2025-20111, which affects Nexus 3000 and 9000 series switches in standalone NX-OS mode, allowing unauthenticated attackers to cause a DoS condition. Another flaw enables local attackers with admin credentials to execute arbitrary commands by installing a crafted image. Additionally, four medium-severity vulnerabilities in Cisco’s APIC can be exploited for XSS, DoS, command execution, and data access, but require admin credentials. While Cisco has no reports of active exploitation, its products have historically been targeted, with CISA tracking around 70 exploited Cisco vulnerabilities.
