Cisco

Ios Xr Software

34 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2026-20118

Medienbericht
  • EPSS 0.09%
  • Veröffentlicht 11.03.2026 16:31:32
  • Zuletzt bearbeitet 12.03.2026 21:08:22

A vulnerability in the handling of an Egress Packet Network Interface (EPNI) Aligner interrupt in Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series with NC57 line cards and Cisco NCS 5700 Routers and Cisco IOS XR Software f...

8.8

CVE-2026-20046

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 11.03.2026 16:31:18
  • Zuletzt bearbeitet 12.03.2026 21:08:22

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due t...

7.4

CVE-2026-20074

Medienbericht
  • EPSS 0.02%
  • Veröffentlicht 11.03.2026 16:31:14
  • Zuletzt bearbeitet 12.03.2026 21:08:22

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) multi-instance routing feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the IS-IS process to restart unexpectedly. This vulnerabil...

8.8

CVE-2026-20040

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 11.03.2026 16:31:14
  • Zuletzt bearbeitet 12.03.2026 21:08:22

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation o...

7.4

CVE-2025-20340

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 10.09.2025 16:15:36
  • Zuletzt bearbeitet 11.09.2025 17:14:10

A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a broadcast storm, leading to a denial of service (DoS) condition on an affected device.&nbs...

6

CVE-2025-20248

Medienbericht
  • EPSS 0.01%
  • Veröffentlicht 10.09.2025 16:15:36
  • Zuletzt bearbeitet 11.09.2025 17:14:10

A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device. To exploit this vulnerabi...

5.3

CVE-2025-20159

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 10.09.2025 16:15:35
  • Zuletzt bearbeitet 11.09.2025 17:14:10

A vulnerability in the management interface access control list (ACL) processing feature in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass configured ACLs for the SSH, NetConf, and gRPC features. This vulnerability...

8.6

CVE-2025-20154

  • EPSS 0.45%
  • Veröffentlicht 07.05.2025 17:18:50
  • Zuletzt bearbeitet 31.07.2025 16:44:45

A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service...

7.5

CVE-2025-20209

  • EPSS 0.29%
  • Veröffentlicht 12.03.2025 16:13:12
  • Zuletzt bearbeitet 01.08.2025 14:59:24

A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets.  This vulnerability ...

6.7

CVE-2025-20177

  • EPSS 0.02%
  • Veröffentlicht 12.03.2025 16:13:04
  • Zuletzt bearbeitet 06.08.2025 17:04:34

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attac...