CVE-2025-20163 – Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Impersonation Vulnerability

June 4, 2025

CVE ID : CVE-2025-20163

Published : June 4, 2025, 5:15 p.m. | 2 hours, 21 minutes ago

Description : A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an unauthenticated, remote attacker to impersonate Cisco NDFC-managed devices.

This vulnerability is due to insufficient SSH host key validation. An attacker could exploit this vulnerability by performing a machine-in-the-middle attack on SSH connections to Cisco NDFC-managed devices, which could allow an attacker to intercept this traffic. A successful exploit could allow the attacker to impersonate a managed device and capture user credentials.

Severity: 8.7 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-20261 – Cisco IMC SSH Privilege Escalation Vulnerability

Next Article CVE-2025-20129 – Cisco Customer Collaboration Platform (CCP) HTTP Request Manipulation Vulnerability

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

In MCP era API discoverability is now more important than ever

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

Multiple reports suggest a Persona 4 Remake from Atlus will be announced during the Xbox Games Showcase

TC39 advances numerous proposals at latest meeting

TC39 advances numerous proposals at latest meeting

TypeBridge – zero ceremony, compile time rpc for client and server com

Simplify Cloud-Native Development with Quarkus Extensions

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Black Myth: Wukong is coming to Xbox exactly one year after launching on PlayStation

Reddit wants to sue Anthropic for stealing its data, but the Claude AI manufacturers vow to “defend ourselves vigorously”

Satya Nadella says Microsoft makes money every time you use ChatGPT: “Every day that ChatGPT succeeds is a fantastic day”

CVE-2025-20163 – Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Impersonation Vulnerability

Leadership, Trust, and Cyber Hygiene: NCSC’s Guide to Security Culture in Action

CVE-2025-4318 Critical RCE in AWS Amplify Codegen UI

Gain Valuable Company Insights | Scale & Power Your GTM

Implementing login node load balancing in SageMaker HyperPod for enhanced multi-user experience

How to Simplify AWS Multi-Account Management with Terraform and GitOps

Multiclass Text Classification Using LLM (MTC-LLM): A Comprehensive Guide

Controversia sulla paternità del codice Rust per il sottosistema DRM nel kernel Linux

DolphinGemma: How Google AI is helping decode dolphin communication

Evaluating RAG applications with Amazon Bedrock knowledge base evaluation

Immediate Action Required: Critical Apache InLong Vulnerability Exploitable

CVE-2025-20163 – Cisco Nexus Dashboard Fabric Controller SSH Host Key Validation Impersonation Vulnerability

Related Posts