Cisco

Ios Xr Software

30 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.4

CVE-2025-20340

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 10.09.2025 16:15:36
  • Zuletzt bearbeitet 11.09.2025 17:14:10

A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a broadcast storm, leading to a denial of service (DoS) condition on an affected device.&nbs...

6

CVE-2025-20248

Medienbericht
  • EPSS 0.01%
  • Veröffentlicht 10.09.2025 16:15:36
  • Zuletzt bearbeitet 11.09.2025 17:14:10

A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device. To exploit this vulnerabi...

5.3

CVE-2025-20159

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 10.09.2025 16:15:35
  • Zuletzt bearbeitet 11.09.2025 17:14:10

A vulnerability in the management interface access control list (ACL) processing feature in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass configured ACLs for the SSH, NetConf, and gRPC features. This vulnerability...

8.6

CVE-2025-20154

  • EPSS 0.16%
  • Veröffentlicht 07.05.2025 17:18:50
  • Zuletzt bearbeitet 31.07.2025 16:44:45

A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service...

7.5

CVE-2025-20209

  • EPSS 0.27%
  • Veröffentlicht 12.03.2025 16:13:12
  • Zuletzt bearbeitet 01.08.2025 14:59:24

A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets.  This vulnerability ...

6.7

CVE-2025-20177

  • EPSS 0.02%
  • Veröffentlicht 12.03.2025 16:13:04
  • Zuletzt bearbeitet 06.08.2025 17:04:34

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attac...

8.6

CVE-2025-20146

  • EPSS 0.41%
  • Veröffentlicht 12.03.2025 16:12:56
  • Zuletzt bearbeitet 01.08.2025 18:50:42

A vulnerability in the Layer 3 multicast feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated,...

5.8

CVE-2025-20145

  • EPSS 0.1%
  • Veröffentlicht 12.03.2025 16:12:48
  • Zuletzt bearbeitet 04.08.2025 12:03:18

A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability exists because certain packets are handled ...

5.8

CVE-2025-20144

  • EPSS 0.07%
  • Veröffentlicht 12.03.2025 16:12:39
  • Zuletzt bearbeitet 04.08.2025 12:02:45

A vulnerability in the hybrid access control list (ACL) processing of IPv4 packets in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect handling of packets when...

6.7

CVE-2025-20143

  • EPSS 0.02%
  • Veröffentlicht 12.03.2025 16:12:31
  • Zuletzt bearbeitet 22.07.2025 12:28:22

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, ...