Cisco Releases Software Patches for Critical Security Flaw in IOS XE Wireless Controller

Cisco has released software patches to address a critical security vulnerability in its IOS XE wireless controller. This vulnerability, identified as CVE-2025-20188, has been given a score of 10.0 on the CVSS scale. The flaw allows an unauthenticated, remote attacker to upload arbitrary files to a vulnerable system. The cause of this vulnerability is the presence of a hardcoded JSON Web Token (JWT).