CVE-2025-20346

Name of the Vulnerable Software and Affected Versions Cisco Catalyst Center (affected versions not specified)

Description A flaw exists in Cisco Catalyst Center that could allow a remote attacker with valid read-only user credentials to perform actions typically reserved for Administrator privileges. This is caused by incorrect role-based access control (RBAC). An attacker with Observer-level access or higher can exploit this by logging into the system and altering policy configurations intended for Administrator use only.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.