{"vulnerability": "CVE-2025-20111", "sightings": [{"uuid": "7aa53775-890f-449c-a6e2-32454b9233d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20111", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljfjxzcie22f", "content": "", "creation_timestamp": "2025-03-02T13:26:18.477080Z"}, {"uuid": "c72c917b-5224-40b1-8768-347eb3990454", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20111", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljfl2krnac2f", "content": "", "creation_timestamp": "2025-03-02T13:45:38.702493Z"}, {"uuid": "7cd8932a-5bbd-409f-b43b-4adc48a8e139", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20111", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lj4x4urfa226", "content": "", "creation_timestamp": "2025-02-27T03:27:43.267389Z"}, {"uuid": "df2354c5-8350-4770-ba94-4560a56cd4de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20111", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lj5htzipws2g", "content": "", "creation_timestamp": "2025-02-27T08:26:57.685787Z"}, {"uuid": "94f85614-21c3-4f8c-822e-fa961ddef002", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2025-20111", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lj5itbygss2w", "content": "", "creation_timestamp": "2025-02-27T08:44:26.746481Z"}, {"uuid": "cc652765-2d88-40f9-8d2e-4e0adde58841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20111", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3ljis5whj4n2c", "content": "", "creation_timestamp": "2025-03-03T20:30:44.602228Z"}, {"uuid": "a7535ac6-e82e-4e10-9c89-f191b179a9c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20111", "type": "seen", "source": "MISP/e1f6260f-3311-441b-92ae-e04cd5eb5f72", "content": "", "creation_timestamp": "2025-08-19T13:26:46.000000Z"}, {"uuid": "af746436-0426-4e24-a491-cddb1a5e52ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20111", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3ljiorpmisk2b", "content": "", "creation_timestamp": "2025-03-03T19:30:13.489339Z"}, {"uuid": "c91cd412-4192-4303-9bde-0836db5461b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20111", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3lj6lumk56s2m", "content": "", "creation_timestamp": "2025-02-27T19:11:34.374543Z"}, {"uuid": "961559e9-0156-4df3-9cce-b9db0b52680b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20111", "type": "seen", "source": "https://t.me/cvedetector/18942", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20111 - Cisco Nexus Switches Ethernet Frame Handling Denial of Service (DoS)\", \n  \"Content\": \"CVE ID : CVE-2025-20111 \nPublished : Feb. 26, 2025, 5:15 p.m. | 1\u00a0hour, 30\u00a0minutes ago \nDescription : A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.  \n  \nThis vulnerability is due to the incorrect handling of specific Ethernet frames. An attacker could exploit this vulnerability by sending a sustained rate of crafted Ethernet frames to an affected device. A successful exploit could allow the attacker to cause the device to reload. \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-26T20:08:15.000000Z"}, {"uuid": "58123e47-0a90-4b86-948e-e2ebfd475c46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20111", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/1035", "content": "\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u0639\u0645\u0644\u06a9\u0631\u062f \u0646\u0638\u0627\u0631\u062a \u0628\u0631 \u0633\u0644\u0627\u0645\u062a \u0633\u06cc\u0633\u062a\u0645 \u0639\u0627\u0645\u0644 Cisco NX-OS \u0633\u0648\u0626\u06cc\u0686 \u0647\u0627\u06cc Cisco Nexus 3000 \u0648 Nexus 9000 \u0628\u0647 \u0646\u0642\u0635 \u062f\u0631 \u06a9\u0646\u062a\u0631\u0644 \u062f\u0633\u062a\u0631\u0633\u06cc \u0645\u0631\u0628\u0648\u0637 \u0645\u06cc \u0634\u0648\u062f. \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u0641\u0631\u06cc\u0645\u200c\u0647\u0627\u06cc \u0627\u062a\u0631\u0646\u062a \u0633\u0627\u062e\u062a\u0647\u200c\u0634\u062f\u0647 \u062e\u0627\u0635\u060c \u0628\u0627\u0639\u062b \u0627\u0646\u06a9\u0627\u0631 \u0633\u0631\u0648\u06cc\u0633 \u0634\u0648\u062f.\n\nBDU: 2025-02111\nCVE-2025-20111\n\n\u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f, \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc \u0628\u0631\u0627\u06cc \u0633\u0631\u06a9\u0648\u0628 \u0631\u0627\u0647\u200c\u0627\u0646\u062f\u0627\u0632\u06cc \u0645\u062c\u062f\u062f \u062f\u0631 \u0635\u0648\u0631\u062a \u0634\u06a9\u0633\u062a \u062a\u0633\u062a \u062a\u0634\u062e\u06cc\u0635\u06cc (\u0628\u0631\u0627\u06cc \u0646\u0633\u062e\u0647\u200c\u0647\u0627\u06cc \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 Cisco NX-OS \u06a9\u0647 \u0634\u0627\u0645\u0644 Field Notice FN72433 \u0646\u0645\u06cc\u200c\u0634\u0648\u0646\u062f\u060c \u062a\u0648\u0635\u06cc\u0647 \u0646\u0645\u06cc\u200c\u0634\u0648\u062f):\nnxos# \u067e\u06cc\u06a9\u0631\u0628\u0646\u062f\u06cc\nnxos(config)# \u0627\u067e\u0644\u062a \u0645\u062f\u06cc\u0631 \u0631\u0648\u06cc\u062f\u0627\u062f l2acl_override \u0644\u063a\u0648 __L2ACLRedirect\nnxos(config-applet)# action 1 syslog priority emergencies msg l2aclFailed;\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc SIEM \u0628\u0631\u0627\u06cc \u0631\u062f\u06cc\u0627\u0628\u06cc \u0631\u0648\u06cc\u062f\u0627\u062f\u0647\u0627\u06cc \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u0631\u0627\u0647 \u0627\u0646\u062f\u0627\u0632\u06cc \u0645\u062c\u062f\u062f \u062f\u0633\u062a\u06af\u0627\u0647.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u0647\u0627 \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u0627\u062d\u062a\u0645\u0627\u0644 \u062a\u0644\u0627\u0634 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc.\n\n\u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u06cc\u062f:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k-healthdos-eOqSWK4g\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2025-03-15T21:42:33.000000Z"}, {"uuid": "e56b5fc4-71b2-486c-8c7a-609fa1ca2ae1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20111", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5524", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20111\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)\n\ud83d\udd39 Description: A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition.\n\nThis vulnerability is due to the incorrect handling of specific Ethernet frames. An attacker could exploit this vulnerability by sending a sustained rate of crafted Ethernet frames to an affected device. A successful exploit could allow the attacker to cause the device to reload.\n\ud83d\udccf Published: 2025-02-26T16:11:07.388Z\n\ud83d\udccf Modified: 2025-02-26T16:11:07.388Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k-healthdos-eOqSWK4g", "creation_timestamp": "2025-02-26T16:24:18.000000Z"}]}