A newly disclosed high-severity vulnerability in the Cisco Catalyst Center Virtual Appliance could allow an attacker who already holds a low-privileged account to elevate to full administrative control, according to a security advisory published by Cisco. Tracked as CVE-2025-20341 and assigned a CVSS score of 8.8, the flaw stems from insufficient validation of user-supplied input.
Cisco explains that “a vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system.”
The advisory notes that the issue is triggered when an attacker submits a specially crafted HTTP request. Cisco states that the flaw exists “due to insufficient validation of user-supplied input”, adding that “an attacker could exploit this vulnerability by submitting a crafted HTTP request to an affected system.”
Although the attacker must already possess a valid account on the appliance, only the lowest-level Observer privileges are needed, and the attack is carried out remotely over the web interface. A successful compromise could hand the attacker full administrative control.
Cisco warns, “A successful exploit could allow the attacker to perform unauthorized modifications to the system, including creating new user accounts or elevating their own privileges.”
The vulnerability impacts specific versions of the Catalyst Center Virtual Appliance:
| Cisco Catalyst Center Version | Status |
|---|---|
| Earlier than 2.3.7.3-VA | Not vulnerable |
| 2.3.7.3-VA and later | Vulnerable; fixed in 2.3.7.10-VA |
| 3.1 | Not vulnerable |
Cisco has released fixed software (2.3.7.10-VA for the affected 2.3.7 train) and urges administrators of affected deployments to update immediately.
As of the advisory's publication, Cisco reports no evidence that the vulnerability has been publicly disclosed or exploited in the wild.
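To turn the version table above into something that can be run across an inventory, here is an added example in Python; it is not code from Cisco or from the advisory. It encodes only the boundaries the table states (vulnerable from 2.3.7.3-VA up to, but not including, 2.3.7.10-VA; 3.1 and anything earlier than 2.3.7.3-VA not vulnerable). Builds the table does not place, such as images without the -VA suffix or trains other than 2.3.7 and 3.1, are reported as unknown rather than guessed; that conservative choice is the script's, not Cisco's. The hostnames and versions in the sample inventory are constructed.

```python
import re
from typing import Tuple

# Version boundaries taken from the advisory table in the article above.
FIRST_VULNERABLE = (2, 3, 7, 3)   # 2.3.7.3-VA
FIRST_FIXED = (2, 3, 7, 10)       # 2.3.7.10-VA

_VERSION_RE = re.compile(r"^(\d+(?:\.\d+){0,3})(?:-([A-Za-z]+))?$")


def parse_version(text: str) -> Tuple[Tuple[int, ...], str]:
    """Turn '2.3.7.3-VA' into ((2, 3, 7, 3), 'VA').

    Fields are compared as integers: '2.3.7.10' must sort after '2.3.7.9',
    which a plain string comparison gets wrong. Missing trailing fields are
    zero-padded, so '3.1' becomes (3, 1, 0, 0). Unrecognised strings raise.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    fields = tuple(int(p) for p in m.group(1).split("."))
    fields = fields + (0,) * (4 - len(fields))
    return fields, (m.group(2) or "").upper()


def status(version_text: str) -> str:
    """Classify a Catalyst Center release against the CVE-2025-20341 table.

    Returns 'vulnerable', 'not_vulnerable' or 'unknown'. 'unknown' is this
    script's own conservative answer for anything the advisory table does
    not list (builds without the -VA suffix, trains other than 2.3.7/3.1);
    the advisory itself makes no statement about those.
    """
    fields, suffix = parse_version(version_text)
    if suffix != "VA":
        return "unknown"            # table covers Virtual Appliance builds only
    if fields[:2] == (3, 1):
        return "not_vulnerable"     # 3.1 is listed as not vulnerable
    if fields < FIRST_VULNERABLE:
        return "not_vulnerable"     # earlier than 2.3.7.3-VA
    if fields[:3] == (2, 3, 7):
        # inside the 2.3.7 train: vulnerable until the first fixed release
        return "vulnerable" if fields < FIRST_FIXED else "not_vulnerable"
    return "unknown"                # e.g. a later 2.3.x train: not in the table


if __name__ == "__main__":
    # Constructed sample inventory (hypothetical hostnames, not real hosts).
    inventory = {
        "catc-lab-01": "2.3.7.3-VA",
        "catc-lab-02": "2.3.7.9-VA",
        "catc-prod-01": "2.3.7.10-VA",
        "catc-legacy": "2.3.5.6-VA",
        "catc-new": "3.1.0.0-VA",
        "catc-hw-01": "2.3.7.5",
    }
    for host, ver in inventory.items():
        print(f"{host:14} {ver:12} {status(ver)}")
```

Feed it the release strings from your own inventory export; anything that comes back as unknown should be checked against the advisory by hand rather than assumed safe.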