Every CVE whose affected-product data names Cisco Duo, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2023-20123 — CVSS 6.3 (medium): A vulnerability in the offline access mode of Cisco Duo Two-Factor Authentication for macOS and Duo Authentication for Windows Logon and…
CVE-2023-20199 — CVSS 6.2 (medium): A vulnerability in Cisco Duo Two-Factor Authentication for macOS could allow an authenticated, physical attacker to bypass secondary…
CVE-2022-20662 — CVSS 6.1 (medium): A vulnerability in the smart card login authentication of Cisco Duo for macOS could allow an unauthenticated attacker with physical access…
CVE-2025-20258 — CVSS 5.4 (medium): A vulnerability in the self-service portal of Cisco Duo could allow an unauthenticated, remote attacker to inject arbitrary commands into…