{"vulnerability": "CVE-2025-20236", "sightings": [{"uuid": "3bc1bdc5-bd8a-4b48-a1c0-9f9e8ec59db1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lmy5hnuzj22l", "content": "", "creation_timestamp": "2025-04-17T03:18:34.507447Z"}, {"uuid": "e09a3744-4e38-464e-93d7-b7dbb03ac569", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114349133435273045", "content": "", "creation_timestamp": "2025-04-16T18:48:27.329712Z"}, {"uuid": "8e7c4a53-b3e3-4967-9373-280bcb08d96d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/andranglin.bsky.social/post/3lmyrtdpa2k2g", "content": "", "creation_timestamp": "2025-04-17T09:23:01.995295Z"}, {"uuid": "cabec482-21c9-41fc-a916-9300553622da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://mstdn.ca/users/rfwaveio/statuses/114365217950639273", "content": "", "creation_timestamp": "2025-04-19T14:59:01.042552Z"}, {"uuid": "3c63b636-cc55-4619-97b4-09904c6bca12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3lnh6s3clwk2o", "content": "", "creation_timestamp": "2025-04-23T02:52:16.056163Z"}, {"uuid": "5eadc919-b69e-4e89-8066-d448065b8c77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114359183287772535", "content": "", "creation_timestamp": "2025-04-18T13:24:15.817829Z"}, {"uuid": "85429666-4551-4563-a984-833da2f8e6e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ln3ryr3zke2t", "content": "", "creation_timestamp": "2025-04-18T14:04:00.739740Z"}, {"uuid": "9d4d48ae-8316-4fd8-a058-87383ec73490", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ln4gjwl7qk2e", "content": "", "creation_timestamp": "2025-04-18T20:11:31.726176Z"}, {"uuid": "9873a418-588c-41bb-9f71-ae4266fe6843", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3ln52mdyw472b", "content": "", "creation_timestamp": "2025-04-19T02:10:47.965638Z"}, {"uuid": "9314f8fd-6635-4fb1-a1a6-c5ad2ec1e222", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ln52nbrsyt25", "content": "", "creation_timestamp": "2025-04-19T02:11:18.936571Z"}, {"uuid": "b0571a0a-421a-4231-9866-8f508f76a153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3ln52nbvnpz2n", "content": "", "creation_timestamp": "2025-04-19T02:11:19.505640Z"}, {"uuid": "3527f5a8-da42-4b72-9374-ac560e1e9f7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/eyalestrin.bsky.social/post/3ln5psqqibh27", "content": "", "creation_timestamp": "2025-04-19T08:30:10.952534Z"}, {"uuid": "9e55d901-dee5-4865-bf71-b3d8c0f6c17c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://bsky.app/profile/redteamnews.bsky.social/post/3lnbryoolif2b", "content": "", "creation_timestamp": "2025-04-20T23:19:56.793325Z"}, {"uuid": "e539adcf-9287-46b9-b985-c4f4a8e1cd34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-11T18:47:40.000000Z"}, {"uuid": "508977c6-7cbc-40fe-9d6b-1601ba28630b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-09T13:26:57.000000Z"}, {"uuid": "e21aec02-02bc-42ba-b7a1-9a1f5fe4a6ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "seen", "source": "https://t.me/cvedetector/23135", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-20236 - \"Cisco Webex App URL Parser Remote Command Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-20236 \nPublished : April 16, 2025, 5:15 p.m. | 28\u00a0minutes ago \nDescription : A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute arbitrary commands on the host of the targeted user.  \n  \n This vulnerability is due to insufficient input validation when Cisco Webex App processes a meeting invite link. An attacker could exploit this vulnerability by persuading a user to click a crafted meeting invite link and download arbitrary files. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T20:14:24.000000Z"}, {"uuid": "e4cbd284-5d79-479b-99dc-1c237087bc84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12187", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-20236\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A vulnerability in the custom URL parser of Cisco Webex App could allow an unauthenticated, remote attacker to persuade a user to download arbitrary files, which could allow the attacker to execute arbitrary commands on the host of the targeted user.\n\nThis vulnerability is due to insufficient input validation when Cisco Webex App processes a meeting invite link. An attacker could exploit this vulnerability by persuading a user to click a crafted meeting invite link and download arbitrary files. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the targeted user.\n\ud83d\udccf Published: 2025-04-16T16:16:23.291Z\n\ud83d\udccf Modified: 2025-04-17T03:55:22.841Z\n\ud83d\udd17 References:\n1. https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC", "creation_timestamp": "2025-04-17T04:57:28.000000Z"}, {"uuid": "64cd6070-2eb6-41e9-b418-e8b9b18ee719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-20236", "type": "published-proof-of-concept", "source": "https://t.me/ics_cert/1125", "content": "\u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u062f\u0631 \u06a9\u0646\u062a\u0631\u0644\u200c\u06a9\u0646\u0646\u062f\u0647 URL \u0646\u0631\u0645\u200c\u0627\u0641\u0632\u0627\u0631 \u06a9\u0646\u0641\u0631\u0627\u0646\u0633 \u0648\u0628 Cisco Webex App \u0648\u062c\u0648\u062f \u062f\u0627\u0631\u062f \u06a9\u0647 \u0628\u0647 \u0634\u0645\u0627 \u0627\u0645\u06a9\u0627\u0646 \u0645\u06cc\u200c\u062f\u0647\u062f \u0641\u0627\u06cc\u0644 \u0631\u0627 \u0627\u0632 \u06cc\u06a9 \u0645\u0646\u0628\u0639 \u0646\u0627\u0645\u0639\u062a\u0628\u0631 \u062f\u0627\u0646\u0644\u0648\u062f \u06a9\u0646\u06cc\u062f. \u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u062f\u0633\u062a\u0648\u0631\u0627\u062a \u062f\u0644\u062e\u0648\u0627\u0647 \u0631\u0627 \u0632\u0645\u0627\u0646\u06cc \u06a9\u0647 \u06a9\u0627\u0631\u0628\u0631 \u0628\u0631 \u0631\u0648\u06cc \u06cc\u06a9 \u067e\u06cc\u0648\u0646\u062f \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0648\u06cc\u0698\u0647 \u06a9\u0644\u06cc\u06a9 \u0645\u06cc \u06a9\u0646\u062f\u060c \u0627\u062c\u0631\u0627 \u06a9\u0646\u062f.\n\nBDU: 2025-04707\nCVE-2025-20236\n\n\u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f\u060c \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u06a9\u0647 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0647\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u06cc \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n\u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n- \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062a\u0648\u0627\u0646\u0627\u06cc\u06cc \u06a9\u0627\u0631\u0628\u0631\u0627\u0646 \u0628\u0631\u0627\u06cc \u062f\u0646\u0628\u0627\u0644 \u06a9\u0631\u062f\u0646 \u067e\u06cc\u0648\u0646\u062f\u0647\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u0634\u062f\u0647 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0646\u0627\u0645\u0639\u062a\u0628\u0631\u061b\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0645\u062d\u06cc\u0637 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0627\u06cc\u0632\u0648\u0644\u0647 \u0628\u0631\u0627\u06cc \u0628\u0627\u0632 \u06a9\u0631\u062f\u0646 \u0644\u06cc\u0646\u06a9 \u0647\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u0634\u062f\u0647 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0646\u0627\u0645\u0639\u062a\u0628\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0622\u0646\u062a\u06cc \u0648\u06cc\u0631\u0648\u0633 \u0628\u0631\u0627\u06cc \u0628\u0631\u0631\u0633\u06cc \u0644\u06cc\u0646\u06a9 \u0647\u0627\u06cc \u062f\u0631\u06cc\u0627\u0641\u062a \u0634\u062f\u0647 \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0646\u0627\u0645\u0639\u062a\u0628\u0631.\n- \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0633\u06cc\u0633\u062a\u0645 \u0647\u0627\u06cc \u062a\u0634\u062e\u06cc\u0635 \u0646\u0641\u0648\u0630 \u0648 \u067e\u06cc\u0634\u06af\u06cc\u0631\u06cc \u0628\u0631\u0627\u06cc \u0634\u0646\u0627\u0633\u0627\u06cc\u06cc (\u0634\u0646\u0627\u0633\u0627\u06cc\u06cc\u060c \u062b\u0628\u062a) \u0648 \u067e\u0627\u0633\u062e \u0628\u0647 \u062a\u0644\u0627\u0634 \u0647\u0627 \u0628\u0631\u0627\u06cc \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u06cc\u06a9 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc.\n\n\u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627:\nhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-app-client-rce-ufyMMYLC\n\n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33\n\u06af\u0631\u0648\u0647 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ICSCERT_IR", "creation_timestamp": "2025-04-23T19:49:59.000000Z"}]}