- Description
- A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information. This vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client.
- Source
- psirt@cisco.com
- NVD status
- Analyzed
- Products
- thousandeyes_endpoint_agent
CVSS 3.1
- Type
- Primary
- Base score
- 4.8
- Impact score
- 2.5
- Exploitability score
- 2.2
- Vector string
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
- Severity
- MEDIUM
- psirt@cisco.com
- CWE-295
- Hype score
- Not currently trending
Cisco ThousandEyes Endpoint Agent for MacOS and RoomOS Certificate Validation Vulnerability (CVE-2025-20126) #CertificateValidationVulnerability #Cisco #CiscoThousandEyes #CVE202520126 #CyberSecurity https://t.co/LqqXS2KVZ1
@SystemTek_UK
17 Jan 2025
19 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20126 Certificate Validation Flaw in Cisco ThousandEyes Enables Man-in-the-Middle Attacks Cisco ThousandEyes Endpoint Agent for macOS and RoomOS has a vulnerability. It is in the certification validation... https://t.co/E8eBxla1mD
@VulmonFeeds
8 Jan 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-20126 A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to inte… https://t.co/CX9mfM767Z
@CVEnew
8 Jan 2025
272 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:thousandeyes_endpoint_agent:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "750FAF96-CB1C-4594-ADAD-1759E2814248",
"versionEndExcluding": "1.206.3"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:macos:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "387021A0-AF36-463C-A605-32EA7DAC172E"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:thousandeyes_endpoint_agent:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "68F80C79-AA52-457E-806A-92B049076693",
"versionEndExcluding": "1.207.2"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:roomos:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "8F10D2C6-D629-45E1-966F-AB9EAB4EDB03"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]