
- 62/2025
- High
Cisco has released security updates to fix several vulnerabilities affecting multiple Cisco products.
The addressed vulnerabilities could allow an attacker to perform denial of service attacks, bypass security restrictions, or gain elevated privileges on the affected product by using crafted commands at the prompt.
Sample of the addressed vulnerabilities:
1. Cisco IOS XR Software CLI Privilege Escalation Vulnerability (CVE-2025-20138):
   - CVSS: 8.8
   - Attack Vector: Local
   - Attack Complexity: Low
   - Privileges Required: Low
   - User Interaction: None
   - Consequences: Gain Privilege
2. Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability (CVE-2025-20115):
   - CVSS: 8.6
   - Attack Vector: Network
   - Attack Complexity: Low
   - Privileges Required: None
   - User Interaction: None
   - Consequences: Denial of Service
3. Cisco IOS XR Software Security Bypass Vulnerability (CVE-2025-20177):
   - CVSS: 6.7
   - Attack Vector: Local
   - Attack Complexity: Low
   - Privileges Required: High
   - User Interaction: None
   - Consequences: Bypass Security
Sample of the affected products:
- Network Convergence System (NCS) 540L.
- Cisco IOS XR White box (IOSXRWBD).
- ASR 9000 Series Aggregation Services Routers (64-bit).
- ASR 9903 Compact High-Performance Routers.
- Cisco NX-OS Software.
- NCS 5700 Series Fixed-Port Routers that are running NCS5700 images.
Vulnerabilities
- CVE-2025-20115
- CVE-2025-20145
- CVE-2025-20144
- CVE-2025-20169
- CVE-2025-20170
- CVE-2025-20171
- CVE-2025-20172
- CVE-2025-20173
- CVE-2025-20174
- CVE-2025-20175
- CVE-2025-20176
- CVE-2025-20177
- CVE-2025-20138
- CVE-2025-20142
- CVE-2025-20146
- CVE-2025-20143
- CVE-2025-20141
- CVE-2025-20209
Mitigations
The enterprise should deploy these security updates as soon as the testing phase is completed.