Cisco Patches Command Injection and DoS Vulnerabilities in Nexus Switches

Cisco has addressed command injection and denial of service (DoS) vulnerabilities in certain models of its Nexus switches. The company has released security updates to fix these issues, including a high-severity vulnerability. The most severe flaw, listed as CVE-2025-20111 (CVSS score of 7.4), is found in the health monitoring diagnostics of the Cisco Nexus 3000 Series switches. This vulnerability could allow an attacker to execute arbitrary commands or cause a denial of service.