Cisco on Wednesday announced fixes for two high-severity denial-of-service (DoS) vulnerabilities impacting its Meraki MX and Meraki Z series devices and Enterprise Chat and Email (ECE) appliances.
The Meraki bug, tracked as CVE-2025-20212, was discovered in the AnyConnect VPN server, and was the result of a variable not being initialized when establishing an SSL VPN session.
https://www.securityweek.com/vulnerabil ... s-attacks/