Cisco Releases Security Advisories for Cisco IOS XR Software
10 security advisories address multiple vulnerabilities, including seven high and three medium severity advisories
Threat details
Introduction
Cisco has released 10 security advisories addressing multiple vulnerabilities, including seven high and three medium severity advisories affecting Cisco IOS XR Software, which is a networking software system.
CVE-2025-20138 is an 'improper neutralization of special elements used in an OS Command' vulnerability with a CVSSv3 score of 8.8. Successful exploitation could allow an authenticated, remote attacker to execute arbitrary commands and elevate privileges on an affected device, provided that the attacker has valid read-only administrative credentials.
CVE-2025-20177 is an 'improper handling of insufficient privileges' vulnerability with a CVSSv3 score of 6.7. This vulnerability could allow an attacker to bypass Cisco IOS XR image signature verification and load unverified software.
CVE-2025-20143 is an 'improper verification of cryptographic signature' vulnerability with a CVSSv3 score of 6.7. This vulnerability could allow an authenticated, remote attacker to bypass the Secure Boot functionality and load unverified software on an affected device, provided that the attacker has valid read-only administrative credentials.
Other high severity vulnerabilities could allow an authenticated, remote attacker to conduct a denial-of-service (DoS) attack on an affected device.
Two medium severity vulnerabilities, CVE-2025-20145 and CVE-2025-20144, could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) on an affected device. CVE-2025-20145 is a 'permissions, privileges, and access controls' vulnerability with a CVSSv3 score of 5.8, and CVE-2025-20144 is an 'improper access control' vulnerability with a CVSSv3 score of 4.
Remediation advice
Affected organisations are encouraged to review Cisco's security advisories and apply the relevant updates as soon as practicable.
Remediation steps
Type | Step |
---|---|
Patch | Cisco IOS XR Software Internet Key Exchange Version 2 Denial of Service Vulnerability (cisco-sa-xrike-9wYGpRGq): https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrike-9wYGpRGq |
Patch | Cisco IOS XR Software Release 7.9.2 Denial of Service Vulnerability (cisco-sa-xr792-bWfVDPY): https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr792-bWfVDPY |
Patch | Cisco IOS XR Software Secure Boot Bypass Vulnerability (cisco-sa-sb-lkm-zNErZjbZ): https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-lkm-zNErZjbZ |
Patch | Cisco IOS XR Software for ASR 9000 Series Routers Layer 3 Multicast Denial of Service Vulnerability (cisco-sa-multicast-ERMrSvq7): https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multicast-ERMrSvq7 |
Patch | Cisco IOS XR Software for ASR 9000 Series Routers IPv4 Unicast Packets Denial of Service Vulnerability (cisco-sa-ipv4uni-LfM3cfBu): https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipv4uni-LfM3cfBu |
Patch | Cisco IOS XR Software CLI Privilege Escalation Vulnerability (cisco-sa-iosxr-priv-esc-GFQjxvOF): https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-esc-GFQjxvOF |
Patch | Cisco IOS XR Software Image Verification Bypass Vulnerability (cisco-sa-ios-xr-verii-bypass-HhPwQRvx): https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xr-verii-bypass-HhPwQRvx |
Patch | Cisco IOS XR Software Hybrid Access Control List Bypass Vulnerability (cisco-sa-ncs-hybridacl-crMZFfKQ): https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs-hybridacl-crMZFfKQ |
Patch | Cisco IOS XR Software Access Control List Bypass Vulnerability (cisco-sa-modular-ACL-u5MEPXMm): https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-modular-ACL-u5MEPXMm |
Patch | Cisco IOS XR Software Border Gateway Protocol Confederation Denial of Service Vulnerability (cisco-sa-iosxr-bgp-dos-O7stePhX): https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-bgp-dos-O7stePhX |
Definitive source of threat updates
CVE Vulnerabilities
Last edited: 13 March 2025 3:23 pm