Cisco Staros
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Cisco Staros.
Recent Cisco Staros Security Advisories
| Advisory | Title | Published |
|---|---|---|
| 2023-04-19 | Cisco StarOS Software Key-Based SSH Authentication Privilege Escalation Vulnerability | April 19, 2023 |
| 2022-03-02 | Cisco StarOS Command Injection Vulnerability | March 2, 2022 |
| 2022-02-16 | Cisco Redundancy Configuration Manager for Cisco StarOS Software TCP Denial of Service Vulnerability | February 16, 2022 |
| 2022-01-19 | Cisco Redundancy Configuration Manager for Cisco StarOS Software Multiple Vulnerabilities | January 19, 2022 |
By the Year
In 2026 there have been 0 vulnerabilities in Cisco Staros. Last year, in 2025 Staros had 1 security vulnerability published. Right now, Staros is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 1 | 10.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 1 | 5.30 |
It may take a day or so for new Staros vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cisco Staros Security Vulnerabilities
Unauth RCE in Erlang/OTP SSH Server <27.3.3
CVE-2025-32433
10 - Critical
- April 16, 2025
Erlang/OTP is a set of libraries for the Erlang programming language. Prior to versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20, a SSH server may allow an attacker to perform unauthenticated remote code execution (RCE). By exploiting a flaw in SSH protocol message handling, a malicious actor could gain unauthorized access to affected systems and execute arbitrary commands without valid credentials. This issue is patched in versions OTP-27.3.3, OTP-26.2.5.11, and OTP-25.3.2.20. A temporary workaround involves disabling the SSH server or to prevent access via firewall rules.
Missing Authentication for Critical Function
A vulnerability in the SSH service of the Cisco StarOS operating system could
CVE-2021-1378
5.3 - Medium
- February 17, 2021
A vulnerability in the SSH service of the Cisco StarOS operating system could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. The vulnerability is due to a logic error that may occur under specific traffic conditions. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to prevent the targeted service from receiving any traffic, which would lead to a DoS condition on the affected device.
Resource Exhaustion
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Cisco Staros or by Cisco? Click the Watch button to subscribe.
