CVE-2025-20126

CVE Database · CVE-2025-20126

CVE-2025-20126

· MEDIUMAnalyzed

CVSS v3.1

4.8

EPSS

0.17%

Published

Jan 8, 2025

Modified

Jul 22, 2025

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A vulnerability in certification validation routines of Cisco ThousandEyes Endpoint Agent for macOS and RoomOS could allow an unauthenticated, remote attacker to intercept or manipulate metrics information. This vulnerability exists because the affected software does not properly validate certificates for hosted metrics services. An on-path attacker could exploit this vulnerability by intercepting network traffic using a crafted certificate. A successful exploit could allow the attacker to masquerade as a trusted host and monitor or change communications between the remote metrics service and the vulnerable client.

CVSS Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Weaknesses (CWE)

CWE-295

Affected Products (4)

cisco · thousandeyes_endpoint_agent (up to 1.206.3)vulnerable

apple · macos

cisco · thousandeyes_endpoint_agent (up to 1.207.2)vulnerable

cisco · roomos

References (1)

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-thousandeyes-cert-pqtJUv9N

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs