7.4

CVE-2025-20141

A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms. 

This vulnerability is due to incorrect handling of packets that are punted to the route processor. An attacker could exploit this vulnerability by sending traffic, which must be handled by the Linux stack on the route processor, to an affected device. A successful exploit could allow the attacker to cause control plane traffic to stop working, resulting in a denial of service (DoS) condition.

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD
This information is available to logged-in users.
Data is provided by the National Vulnerability Database (NVD)
CiscoIos Xr Version7.9.2
   CiscoNcs 540-12z20g-sys-a Version-
   CiscoNcs 540-12z20g-sys-d Version-
   CiscoNcs 540-24q2c2dd-sys Version-
   CiscoNcs 540-24q8l2dd-sys Version-
   CiscoNcs 540-24z8q2c-sys Version-
   CiscoNcs 540-28z4c-sys-a Version-
   CiscoNcs 540-28z4c-sys-d Version-
   CiscoNcs 540-6z14s-sys-d Version-
   CiscoNcs 540-6z18g-sys-a Version-
   CiscoNcs 540-6z18g-sys-d Version-
   CiscoNcs 540-acc-sys Version-
   CiscoNcs 540-fh-agg Version-
   CiscoNcs 540-fh-csr-sys Version-
   CiscoNcs 540x-12z16g-sys-a Version-
   CiscoNcs 540x-12z16g-sys-d Version-
   CiscoNcs 540x-16z4g8q2c-a Version-
   CiscoNcs 540x-16z4g8q2c-d Version-
   CiscoNcs 540x-16z8q2c-d Version-
   CiscoNcs 540x-4z14g2q-a Version-
   CiscoNcs 540x-4z14g2q-d Version-
   CiscoNcs 540x-6z18g-sys-a Version-
   CiscoNcs 540x-6z18g-sys-d Version-
   CiscoNcs 540x-8z16g-sys-a Version-
   CiscoNcs 540x-8z16g-sys-d Version-
   CiscoNcs 540x-acc-sys Version-
   CiscoNcs 5501 Version-
   CiscoNcs 5501-se Version-
   CiscoNcs 5502 Version-
   CiscoNcs 5502-se Version-
   CiscoNcs 5504 Version-
   CiscoNcs 5508 Version-
   CiscoNcs 5516 Version-
   CiscoNcs 55a1-24h Version-
   CiscoNcs 55a1-24q6h-s Version-
   CiscoNcs 55a1-24q6h-ss Version-
   CiscoNcs 55a1-36h Version-
   CiscoNcs 55a1-36h-se Version-
   CiscoNcs 55a1-48q6h Version-
   CiscoNcs 55a2-mod-hd-s Version-
   CiscoNcs 55a2-mod-s Version-
   CiscoNcs 55a2-mod-se-s Version-
   CiscoNcs 57b1-5dse-sys Version-
   CiscoNcs 57b1-6d24-sys Version-
   CiscoNcs 57c1-48q6-sys Version-
   CiscoNcs 57c3-mod-sys Version-
   CiscoNcs 57d2-18dd-sys Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.06% 0.172
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
psirt@cisco.com 7.4 2.8 4
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.