Meraki

Community

Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service

PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jun 18 2025 5:52 PM
‎Jun 18 2025 5:52 PM

Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-meraki-mx-vpn...

 

"A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition in the Cisco AnyConnect service on an affected device."

Labels:
2 Replies 2
Blue_Bird
Getting noticed
‎Jun 19 2025 1:39 AM
‎Jun 19 2025 1:39 AM

Thanks for sharing..! @PhilipDAth 

jimmyt234
Head in the Cloud
‎Jun 19 2025 3:10 AM
‎Jun 19 2025 3:10 AM

Luckily I think 99% of our AnyConnect deployments are leveraging SAML and not using certificate auth so not vulnerable to this!

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.