Action not permitted
Modal body text goes here.
Modal Title
Modal Body
wid-sec-w-2025-0979
Vulnerability from csaf_certbund
Published
2025-05-07 22:00
Modified
2025-05-07 22:00
Summary
Cisco IOS XE Software: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Cisco Internetwork Operating System (IOS) ist ein Betriebssystem, das für Cisco Geräte wie z. B. Router und Switches eingesetzt wird.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen in Cisco IOS XE Software ausnutzen, um Dateien zu manipulieren, erhöhte Rechte zu erlangen, Sicherheitsmaßnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuführen und vertrauliche Informationen preiszugeben.
Betroffene Betriebssysteme
- CISCO Appliance
{ "document": { "aggregate_severity": { "text": "hoch" }, "category": "csaf_base", "csaf_version": "2.0", "distribution": { "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "de-DE", "notes": [ { "category": "legal_disclaimer", "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen." }, { "category": "description", "text": "Cisco Internetwork Operating System (IOS) ist ein Betriebssystem, das f\u00fcr Cisco Ger\u00e4te wie z. B. Router und Switches eingesetzt wird.", "title": "Produktbeschreibung" }, { "category": "summary", "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Cisco IOS XE Software ausnutzen, um Dateien zu manipulieren, erh\u00f6hte Rechte zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, einen Denial-of-Service-Zustand herbeizuf\u00fchren und vertrauliche Informationen preiszugeben.", "title": "Angriff" }, { "category": "general", "text": "- CISCO Appliance", "title": "Betroffene Betriebssysteme" } ], "publisher": { "category": "other", "contact_details": "csaf-provider@cert-bund.de", "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik", "namespace": "https://www.bsi.bund.de" }, "references": [ { "category": "self", "summary": "WID-SEC-W-2025-0979 - CSAF Version", "url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-0979.json" }, { "category": "self", "summary": "WID-SEC-2025-0979 - Portal Version", "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-0979" }, { "category": "external", "summary": "Cisco Security Advisory cisco-sa-iosxe-privesc-su7scvdp vom 2025-05-07", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp" }, { "category": "external", "summary": "Cisco Security Advisory cisco-sa-bootstrap-KfgxYgdh vom 2025-05-07", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bootstrap-KfgxYgdh" }, { "category": "external", "summary": "Cisco Security Advisory cisco-sa-iosxe-dhcpsn-dos-xBn8Mtks vom 2025-05-07", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcpsn-dos-xBn8Mtks" }, { "category": "external", "summary": "Cisco Security Advisory cisco-sa-iosxe-ikev1-dos-XHk3HzFC vom 2025-05-07", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ikev1-dos-XHk3HzFC" }, { "category": "external", "summary": "Cisco Security Advisory cisco-sa-netconf-nacm-bypass-TGZV9pmQ vom 2025-05-07", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-netconf-nacm-bypass-TGZV9pmQ" } ], "source_lang": "en-US", "title": "Cisco IOS XE Software: Mehrere Schwachstellen", "tracking": { "current_release_date": "2025-05-07T22:00:00.000+00:00", "generator": { "date": "2025-05-08T10:59:15.841+00:00", "engine": { "name": "BSI-WID", "version": "1.3.12" } }, "id": "WID-SEC-W-2025-0979", "initial_release_date": "2025-05-07T22:00:00.000+00:00", "revision_history": [ { "date": "2025-05-07T22:00:00.000+00:00", "number": "1", "summary": "Initiale Fassung" } ], "status": "final", "version": "1" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version", "name": "Software", "product": { "name": "Cisco IOS XE Software", "product_id": "T043497", "product_identification_helper": { "cpe": "cpe:/o:cisco:ios_xe:software" } } } ], "category": "product_name", "name": "IOS XE" } ], "category": "vendor", "name": "Cisco" } ] }, "vulnerabilities": [ { "cve": "CVE-2025-20155", "product_status": { "known_affected": [ "T043497" ] }, "release_date": "2025-05-07T22:00:00.000+00:00", "title": "CVE-2025-20155" }, { "cve": "CVE-2025-20162", "product_status": { "known_affected": [ "T043497" ] }, "release_date": "2025-05-07T22:00:00.000+00:00", "title": "CVE-2025-20162" }, { "cve": "CVE-2025-20192", "product_status": { "known_affected": [ "T043497" ] }, "release_date": "2025-05-07T22:00:00.000+00:00", "title": "CVE-2025-20192" }, { "cve": "CVE-2025-20214", "product_status": { "known_affected": [ "T043497" ] }, "release_date": "2025-05-07T22:00:00.000+00:00", "title": "CVE-2025-20214" }, { "cve": "CVE-2025-20197", "product_status": { "known_affected": [ "T043497" ] }, "release_date": "2025-05-07T22:00:00.000+00:00", "title": "CVE-2025-20197" }, { "cve": "CVE-2025-20198", "product_status": { "known_affected": [ "T043497" ] }, "release_date": "2025-05-07T22:00:00.000+00:00", "title": "CVE-2025-20198" }, { "cve": "CVE-2025-20199", "product_status": { "known_affected": [ "T043497" ] }, "release_date": "2025-05-07T22:00:00.000+00:00", "title": "CVE-2025-20199" }, { "cve": "CVE-2025-20200", "product_status": { "known_affected": [ "T043497" ] }, "release_date": "2025-05-07T22:00:00.000+00:00", "title": "CVE-2025-20200" }, { "cve": "CVE-2025-20201", "product_status": { "known_affected": [ "T043497" ] }, "release_date": "2025-05-07T22:00:00.000+00:00", "title": "CVE-2025-20201" } ] }
CVE-2025-20198 (GCVE-0-2025-20198)
Vulnerability from cvelistv5
Published
2025-05-07 17:42
Modified
2025-05-08 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.
This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions.
Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco IOS XE Software |
Version: 3.13.0S Version: 3.13.1S Version: 3.13.2S Version: 3.13.3S Version: 3.13.4S Version: 3.13.5S Version: 3.13.2aS Version: 3.13.0aS Version: 3.13.5aS Version: 3.13.6S Version: 3.13.7S Version: 3.13.6aS Version: 3.13.7aS Version: 3.13.8S Version: 3.13.9S Version: 3.13.10S Version: 3.14.0S Version: 3.14.1S Version: 3.14.2S Version: 3.14.3S Version: 3.14.4S Version: 3.15.0S Version: 3.15.1S Version: 3.15.2S Version: 3.15.1cS Version: 3.15.3S Version: 3.15.4S Version: 3.7.0E Version: 3.7.1E Version: 3.7.2E Version: 3.7.3E Version: 3.7.4E Version: 3.7.5E Version: 3.16.0S Version: 3.16.1S Version: 3.16.1aS Version: 3.16.2S Version: 3.16.2aS Version: 3.16.0cS Version: 3.16.3S Version: 3.16.2bS Version: 3.16.3aS Version: 3.16.4S Version: 3.16.4aS Version: 3.16.4bS Version: 3.16.5S Version: 3.16.4dS Version: 3.16.6S Version: 3.16.7S Version: 3.16.6bS Version: 3.16.7aS Version: 3.16.7bS Version: 3.16.8S Version: 3.16.9S Version: 3.16.10S Version: 3.17.0S Version: 3.17.1S Version: 3.17.2S Version: 3.17.1aS Version: 3.17.3S Version: 3.17.4S Version: 16.1.1 Version: 16.1.2 Version: 16.1.3 Version: 16.2.1 Version: 16.2.2 Version: 3.8.0E Version: 3.8.1E Version: 3.8.2E Version: 3.8.3E Version: 3.8.4E Version: 3.8.5E Version: 3.8.5aE Version: 3.8.6E Version: 3.8.7E Version: 3.8.8E Version: 3.8.9E Version: 3.8.10E Version: 16.3.1 Version: 16.3.2 Version: 16.3.3 Version: 16.3.1a Version: 16.3.4 Version: 16.3.5 Version: 16.3.5b Version: 16.3.6 Version: 16.3.7 Version: 16.3.8 Version: 16.3.9 Version: 16.3.10 Version: 16.3.11 Version: 16.4.1 Version: 16.4.2 Version: 16.4.3 Version: 16.5.1 Version: 16.5.1a Version: 16.5.1b Version: 16.5.2 Version: 16.5.3 Version: 3.18.0aS Version: 3.18.0S Version: 3.18.1S Version: 3.18.2S Version: 3.18.3S Version: 3.18.4S Version: 3.18.0SP Version: 3.18.1SP Version: 3.18.1aSP Version: 3.18.1bSP Version: 3.18.1cSP Version: 3.18.2SP Version: 3.18.2aSP Version: 3.18.3SP Version: 3.18.4SP Version: 3.18.3aSP Version: 3.18.3bSP Version: 3.18.5SP Version: 3.18.6SP Version: 3.18.7SP Version: 3.18.8aSP Version: 3.18.9SP Version: 3.9.0E Version: 3.9.1E Version: 3.9.2E Version: 16.6.1 Version: 16.6.2 Version: 16.6.3 Version: 16.6.4 Version: 16.6.5 Version: 16.6.4a Version: 16.6.5a Version: 16.6.6 Version: 16.6.7 Version: 16.6.8 Version: 16.6.9 Version: 16.6.10 Version: 16.7.1 Version: 16.7.1a Version: 16.7.1b Version: 16.7.2 Version: 16.7.3 Version: 16.7.4 Version: 16.8.1 Version: 16.8.1a Version: 16.8.1b Version: 16.8.1s Version: 16.8.1c Version: 16.8.1d Version: 16.8.2 Version: 16.8.1e Version: 16.8.3 Version: 16.9.1 Version: 16.9.2 Version: 16.9.1a Version: 16.9.1b Version: 16.9.1s Version: 16.9.3 Version: 16.9.4 Version: 16.9.3a Version: 16.9.5 Version: 16.9.5f Version: 16.9.6 Version: 16.9.7 Version: 16.9.8 Version: 16.10.1 Version: 16.10.1a Version: 16.10.1b Version: 16.10.1s Version: 16.10.1c Version: 16.10.1e Version: 16.10.1d Version: 16.10.2 Version: 16.10.1f Version: 16.10.1g Version: 16.10.3 Version: 3.10.0E Version: 3.10.1E Version: 3.10.0cE Version: 3.10.2E Version: 3.10.3E Version: 16.11.1 Version: 16.11.1a Version: 16.11.1b Version: 16.11.2 Version: 16.11.1s Version: 16.12.1 Version: 16.12.1s Version: 16.12.1a Version: 16.12.1c Version: 16.12.1w Version: 16.12.2 Version: 16.12.1y Version: 16.12.2a Version: 16.12.3 Version: 16.12.8 Version: 16.12.2s Version: 16.12.1x Version: 16.12.1t Version: 16.12.4 Version: 16.12.3s Version: 16.12.3a Version: 16.12.4a Version: 16.12.5 Version: 16.12.6 Version: 16.12.1z1 Version: 16.12.5a Version: 16.12.5b Version: 16.12.1z2 Version: 16.12.6a Version: 16.12.7 Version: 16.12.9 Version: 16.12.10 Version: 16.12.10a Version: 16.12.11 Version: 16.12.12 Version: 3.11.0E Version: 3.11.1E Version: 3.11.2E Version: 3.11.3E Version: 3.11.1aE Version: 3.11.4E Version: 3.11.3aE Version: 3.11.5E Version: 3.11.6E Version: 3.11.7E Version: 3.11.8E Version: 3.11.9E Version: 3.11.10E Version: 3.11.11E Version: 17.1.1 Version: 17.1.1a Version: 17.1.1s Version: 17.1.1t Version: 17.1.3 Version: 17.2.1 Version: 17.2.1r Version: 17.2.1a Version: 17.2.1v Version: 17.2.2 Version: 17.2.3 Version: 17.3.1 Version: 17.3.2 Version: 17.3.3 Version: 17.3.1a Version: 17.3.1w Version: 17.3.2a Version: 17.3.1x Version: 17.3.1z Version: 17.3.4 Version: 17.3.5 Version: 17.3.4a Version: 17.3.6 Version: 17.3.4b Version: 17.3.4c Version: 17.3.5a Version: 17.3.5b Version: 17.3.7 Version: 17.3.8 Version: 17.3.8a Version: 17.4.1 Version: 17.4.2 Version: 17.4.1a Version: 17.4.1b Version: 17.4.2a Version: 17.5.1 Version: 17.5.1a Version: 17.6.1 Version: 17.6.2 Version: 17.6.1w Version: 17.6.1a Version: 17.6.1x Version: 17.6.3 Version: 17.6.1y Version: 17.6.1z Version: 17.6.3a Version: 17.6.4 Version: 17.6.1z1 Version: 17.6.5 Version: 17.6.6 Version: 17.6.6a Version: 17.6.5a Version: 17.6.7 Version: 17.6.8 Version: 17.6.8a Version: 17.7.1 Version: 17.7.1a Version: 17.7.1b Version: 17.7.2 Version: 17.10.1 Version: 17.10.1a Version: 17.10.1b Version: 17.8.1 Version: 17.8.1a Version: 17.9.1 Version: 17.9.1w Version: 17.9.2 Version: 17.9.1a Version: 17.9.1x Version: 17.9.1y Version: 17.9.3 Version: 17.9.2a Version: 17.9.1x1 Version: 17.9.3a Version: 17.9.4 Version: 17.9.1y1 Version: 17.9.5 Version: 17.9.4a Version: 17.9.5a Version: 17.9.5b Version: 17.9.6 Version: 17.9.6a Version: 17.9.5e Version: 17.9.5f Version: 17.11.1 Version: 17.11.1a Version: 17.12.1 Version: 17.12.1w Version: 17.12.1a Version: 17.12.1x Version: 17.12.2 Version: 17.12.3 Version: 17.12.2a Version: 17.12.1y Version: 17.12.1z Version: 17.12.4 Version: 17.12.3a Version: 17.12.1z1 Version: 17.12.4a Version: 17.12.4b Version: 17.13.1 Version: 17.13.1a Version: 17.14.1 Version: 17.14.1a Version: 17.11.99SW Version: 17.15.1 Version: 17.15.1w Version: 17.15.1a Version: 17.15.1b |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-20198", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-05-07T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-05-08T03:56:20.319Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "3.13.0S" }, { "status": "affected", "version": "3.13.1S" }, { "status": "affected", "version": "3.13.2S" }, { "status": "affected", "version": "3.13.3S" }, { "status": "affected", "version": "3.13.4S" }, { "status": "affected", "version": "3.13.5S" }, { "status": "affected", "version": "3.13.2aS" }, { "status": "affected", "version": "3.13.0aS" }, { "status": "affected", "version": "3.13.5aS" }, { "status": "affected", "version": "3.13.6S" }, { "status": "affected", "version": "3.13.7S" }, { "status": "affected", "version": "3.13.6aS" }, { "status": "affected", "version": "3.13.7aS" }, { "status": "affected", "version": "3.13.8S" }, { "status": "affected", "version": "3.13.9S" }, { "status": "affected", "version": "3.13.10S" }, { "status": "affected", "version": "3.14.0S" }, { "status": "affected", "version": "3.14.1S" }, { "status": "affected", "version": "3.14.2S" }, { "status": "affected", "version": "3.14.3S" }, { "status": "affected", "version": "3.14.4S" }, { "status": "affected", "version": "3.15.0S" }, { "status": "affected", "version": "3.15.1S" }, { "status": "affected", "version": "3.15.2S" }, { "status": "affected", "version": "3.15.1cS" }, { "status": "affected", "version": "3.15.3S" }, { "status": "affected", "version": "3.15.4S" }, { "status": "affected", "version": "3.7.0E" }, { "status": "affected", "version": "3.7.1E" }, { "status": "affected", "version": "3.7.2E" }, { "status": "affected", "version": "3.7.3E" }, { "status": "affected", "version": "3.7.4E" }, { "status": "affected", "version": "3.7.5E" }, { "status": "affected", "version": "3.16.0S" }, { "status": "affected", "version": "3.16.1S" }, { "status": "affected", "version": "3.16.1aS" }, { "status": "affected", "version": "3.16.2S" }, { "status": "affected", "version": "3.16.2aS" }, { "status": "affected", "version": "3.16.0cS" }, { "status": "affected", "version": "3.16.3S" }, { "status": "affected", "version": "3.16.2bS" }, { "status": "affected", "version": "3.16.3aS" }, { "status": "affected", "version": "3.16.4S" }, { "status": "affected", "version": "3.16.4aS" }, { "status": "affected", "version": "3.16.4bS" }, { "status": "affected", "version": "3.16.5S" }, { "status": "affected", "version": "3.16.4dS" }, { "status": "affected", "version": "3.16.6S" }, { "status": "affected", "version": "3.16.7S" }, { "status": "affected", "version": "3.16.6bS" }, { "status": "affected", "version": "3.16.7aS" }, { "status": "affected", "version": "3.16.7bS" }, { "status": "affected", "version": "3.16.8S" }, { "status": "affected", "version": "3.16.9S" }, { "status": "affected", "version": "3.16.10S" }, { "status": "affected", "version": "3.17.0S" }, { "status": "affected", "version": "3.17.1S" }, { "status": "affected", "version": "3.17.2S" }, { "status": "affected", "version": "3.17.1aS" }, { "status": "affected", "version": "3.17.3S" }, { "status": "affected", "version": "3.17.4S" }, { "status": "affected", "version": "16.1.1" }, { "status": "affected", "version": "16.1.2" }, { "status": "affected", "version": "16.1.3" }, { "status": "affected", "version": "16.2.1" }, { "status": "affected", "version": "16.2.2" }, { "status": "affected", "version": "3.8.0E" }, { "status": "affected", "version": "3.8.1E" }, { "status": "affected", "version": "3.8.2E" }, { "status": "affected", "version": "3.8.3E" }, { "status": "affected", "version": "3.8.4E" }, { "status": "affected", "version": "3.8.5E" }, { "status": "affected", "version": "3.8.5aE" }, { "status": "affected", "version": "3.8.6E" }, { "status": "affected", "version": "3.8.7E" }, { "status": "affected", "version": "3.8.8E" }, { "status": "affected", "version": "3.8.9E" }, { "status": "affected", "version": "3.8.10E" }, { "status": "affected", "version": "16.3.1" }, { "status": "affected", "version": "16.3.2" }, { "status": "affected", "version": "16.3.3" }, { "status": "affected", "version": "16.3.1a" }, { "status": "affected", "version": "16.3.4" }, { "status": "affected", "version": "16.3.5" }, { "status": "affected", "version": "16.3.5b" }, { "status": "affected", "version": "16.3.6" }, { "status": "affected", "version": "16.3.7" }, { "status": "affected", "version": "16.3.8" }, { "status": "affected", "version": "16.3.9" }, { "status": "affected", "version": "16.3.10" }, { "status": "affected", "version": "16.3.11" }, { "status": "affected", "version": "16.4.1" }, { "status": "affected", "version": "16.4.2" }, { "status": "affected", "version": "16.4.3" }, { "status": "affected", "version": "16.5.1" }, { "status": "affected", "version": "16.5.1a" }, { "status": "affected", "version": "16.5.1b" }, { "status": "affected", "version": "16.5.2" }, { "status": "affected", "version": "16.5.3" }, { "status": "affected", "version": "3.18.0aS" }, { "status": "affected", "version": "3.18.0S" }, { "status": "affected", "version": "3.18.1S" }, { "status": "affected", "version": "3.18.2S" }, { "status": "affected", "version": "3.18.3S" }, { "status": "affected", "version": "3.18.4S" }, { "status": "affected", "version": "3.18.0SP" }, { "status": "affected", "version": "3.18.1SP" }, { "status": "affected", "version": "3.18.1aSP" }, { "status": "affected", "version": "3.18.1bSP" }, { "status": "affected", "version": "3.18.1cSP" }, { "status": "affected", "version": "3.18.2SP" }, { "status": "affected", "version": "3.18.2aSP" }, { "status": "affected", "version": "3.18.3SP" }, { "status": "affected", "version": "3.18.4SP" }, { "status": "affected", "version": "3.18.3aSP" }, { "status": "affected", "version": "3.18.3bSP" }, { "status": "affected", "version": "3.18.5SP" }, { "status": "affected", "version": "3.18.6SP" }, { "status": "affected", "version": "3.18.7SP" }, { "status": "affected", "version": "3.18.8aSP" }, { "status": "affected", "version": "3.18.9SP" }, { "status": "affected", "version": "3.9.0E" }, { "status": "affected", "version": "3.9.1E" }, { "status": "affected", "version": "3.9.2E" }, { "status": "affected", "version": "16.6.1" }, { "status": "affected", "version": "16.6.2" }, { "status": "affected", "version": "16.6.3" }, { "status": "affected", "version": "16.6.4" }, { "status": "affected", "version": "16.6.5" }, { "status": "affected", "version": "16.6.4a" }, { "status": "affected", "version": "16.6.5a" }, { "status": "affected", "version": "16.6.6" }, { "status": "affected", "version": "16.6.7" }, { "status": "affected", "version": "16.6.8" }, { "status": "affected", "version": "16.6.9" }, { "status": "affected", "version": "16.6.10" }, { "status": "affected", "version": "16.7.1" }, { "status": "affected", "version": "16.7.1a" }, { "status": "affected", "version": "16.7.1b" }, { "status": "affected", "version": "16.7.2" }, { "status": "affected", "version": "16.7.3" }, { "status": "affected", "version": "16.7.4" }, { "status": "affected", "version": "16.8.1" }, { "status": "affected", "version": "16.8.1a" }, { "status": "affected", "version": "16.8.1b" }, { "status": "affected", "version": "16.8.1s" }, { "status": "affected", "version": "16.8.1c" }, { "status": "affected", "version": "16.8.1d" }, { "status": "affected", "version": "16.8.2" }, { "status": "affected", "version": "16.8.1e" }, { "status": "affected", "version": "16.8.3" }, { "status": "affected", "version": "16.9.1" }, { "status": "affected", "version": "16.9.2" }, { "status": "affected", "version": "16.9.1a" }, { "status": "affected", "version": "16.9.1b" }, { "status": "affected", "version": "16.9.1s" }, { "status": "affected", "version": "16.9.3" }, { "status": "affected", "version": "16.9.4" }, { "status": "affected", "version": "16.9.3a" }, { "status": "affected", "version": "16.9.5" }, { "status": "affected", "version": "16.9.5f" }, { "status": "affected", "version": "16.9.6" }, { "status": "affected", "version": "16.9.7" }, { "status": "affected", "version": "16.9.8" }, { "status": "affected", "version": "16.10.1" }, { "status": "affected", "version": "16.10.1a" }, { "status": "affected", "version": "16.10.1b" }, { "status": "affected", "version": "16.10.1s" }, { "status": "affected", "version": "16.10.1c" }, { "status": "affected", "version": "16.10.1e" }, { "status": "affected", "version": "16.10.1d" }, { "status": "affected", "version": "16.10.2" }, { "status": "affected", "version": "16.10.1f" }, { "status": "affected", "version": "16.10.1g" }, { "status": "affected", "version": "16.10.3" }, { "status": "affected", "version": "3.10.0E" }, { "status": "affected", "version": "3.10.1E" }, { "status": "affected", "version": "3.10.0cE" }, { "status": "affected", "version": "3.10.2E" }, { "status": "affected", "version": "3.10.3E" }, { "status": "affected", "version": "16.11.1" }, { "status": "affected", "version": "16.11.1a" }, { "status": "affected", "version": "16.11.1b" }, { "status": "affected", "version": "16.11.2" }, { "status": "affected", "version": "16.11.1s" }, { "status": "affected", "version": "16.12.1" }, { "status": "affected", "version": "16.12.1s" }, { "status": "affected", "version": "16.12.1a" }, { "status": "affected", "version": "16.12.1c" }, { "status": "affected", "version": "16.12.1w" }, { "status": "affected", "version": "16.12.2" }, { "status": "affected", "version": "16.12.1y" }, { "status": "affected", "version": "16.12.2a" }, { "status": "affected", "version": "16.12.3" }, { "status": "affected", "version": "16.12.8" }, { "status": "affected", "version": "16.12.2s" }, { "status": "affected", "version": "16.12.1x" }, { "status": "affected", "version": "16.12.1t" }, { "status": "affected", "version": "16.12.4" }, { "status": "affected", "version": "16.12.3s" }, { "status": "affected", "version": "16.12.3a" }, { "status": "affected", "version": "16.12.4a" }, { "status": "affected", "version": "16.12.5" }, { "status": "affected", "version": "16.12.6" }, { "status": "affected", "version": "16.12.1z1" }, { "status": "affected", "version": "16.12.5a" }, { "status": "affected", "version": "16.12.5b" }, { "status": "affected", "version": "16.12.1z2" }, { "status": "affected", "version": "16.12.6a" }, { "status": "affected", "version": "16.12.7" }, { "status": "affected", "version": "16.12.9" }, { "status": "affected", "version": "16.12.10" }, { "status": "affected", "version": "16.12.10a" }, { "status": "affected", "version": "16.12.11" }, { "status": "affected", "version": "16.12.12" }, { "status": "affected", "version": "3.11.0E" }, { "status": "affected", "version": "3.11.1E" }, { "status": "affected", "version": "3.11.2E" }, { "status": "affected", "version": "3.11.3E" }, { "status": "affected", "version": "3.11.1aE" }, { "status": "affected", "version": "3.11.4E" }, { "status": "affected", "version": "3.11.3aE" }, { "status": "affected", "version": "3.11.5E" }, { "status": "affected", "version": "3.11.6E" }, { "status": "affected", "version": "3.11.7E" }, { "status": "affected", "version": "3.11.8E" }, { "status": "affected", "version": "3.11.9E" }, { "status": "affected", "version": "3.11.10E" }, { "status": "affected", "version": "3.11.11E" }, { "status": "affected", "version": "17.1.1" }, { "status": "affected", "version": "17.1.1a" }, { "status": "affected", "version": "17.1.1s" }, { "status": "affected", "version": "17.1.1t" }, { "status": "affected", "version": "17.1.3" }, { "status": "affected", "version": "17.2.1" }, { "status": "affected", "version": "17.2.1r" }, { "status": "affected", "version": "17.2.1a" }, { "status": "affected", "version": "17.2.1v" }, { "status": "affected", "version": "17.2.2" }, { "status": "affected", "version": "17.2.3" }, { "status": "affected", "version": "17.3.1" }, { "status": "affected", "version": "17.3.2" }, { "status": "affected", "version": "17.3.3" }, { "status": "affected", "version": "17.3.1a" }, { "status": "affected", "version": "17.3.1w" }, { "status": "affected", "version": "17.3.2a" }, { "status": "affected", "version": "17.3.1x" }, { "status": "affected", "version": "17.3.1z" }, { "status": "affected", "version": "17.3.4" }, { "status": "affected", "version": "17.3.5" }, { "status": "affected", "version": "17.3.4a" }, { "status": "affected", "version": "17.3.6" }, { "status": "affected", "version": "17.3.4b" }, { "status": "affected", "version": "17.3.4c" }, { "status": "affected", "version": "17.3.5a" }, { "status": "affected", "version": "17.3.5b" }, { "status": "affected", "version": "17.3.7" }, { "status": "affected", "version": "17.3.8" }, { "status": "affected", "version": "17.3.8a" }, { "status": "affected", "version": "17.4.1" }, { "status": "affected", "version": "17.4.2" }, { "status": "affected", "version": "17.4.1a" }, { "status": "affected", "version": "17.4.1b" }, { "status": "affected", "version": "17.4.2a" }, { "status": "affected", "version": "17.5.1" }, { "status": "affected", "version": "17.5.1a" }, { "status": "affected", "version": "17.6.1" }, { "status": "affected", "version": "17.6.2" }, { "status": "affected", "version": "17.6.1w" }, { "status": "affected", "version": "17.6.1a" }, { "status": "affected", "version": "17.6.1x" }, { "status": "affected", "version": "17.6.3" }, { "status": "affected", "version": "17.6.1y" }, { "status": "affected", "version": "17.6.1z" }, { "status": "affected", "version": "17.6.3a" }, { "status": "affected", "version": "17.6.4" }, { "status": "affected", "version": "17.6.1z1" }, { "status": "affected", "version": "17.6.5" }, { "status": "affected", "version": "17.6.6" }, { "status": "affected", "version": "17.6.6a" }, { "status": "affected", "version": "17.6.5a" }, { "status": "affected", "version": "17.6.7" }, { "status": "affected", "version": "17.6.8" }, { "status": "affected", "version": "17.6.8a" }, { "status": "affected", "version": "17.7.1" }, { "status": "affected", "version": "17.7.1a" }, { "status": "affected", "version": "17.7.1b" }, { "status": "affected", "version": "17.7.2" }, { "status": "affected", "version": "17.10.1" }, { "status": "affected", "version": "17.10.1a" }, { "status": "affected", "version": "17.10.1b" }, { "status": "affected", "version": "17.8.1" }, { "status": "affected", "version": "17.8.1a" }, { "status": "affected", "version": "17.9.1" }, { "status": "affected", "version": "17.9.1w" }, { "status": "affected", "version": "17.9.2" }, { "status": "affected", "version": "17.9.1a" }, { "status": "affected", "version": "17.9.1x" }, { "status": "affected", "version": "17.9.1y" }, { "status": "affected", "version": "17.9.3" }, { "status": "affected", "version": "17.9.2a" }, { "status": "affected", "version": "17.9.1x1" }, { "status": "affected", "version": "17.9.3a" }, { "status": "affected", "version": "17.9.4" }, { "status": "affected", "version": "17.9.1y1" }, { "status": "affected", "version": "17.9.5" }, { "status": "affected", "version": "17.9.4a" }, { "status": "affected", "version": "17.9.5a" }, { "status": "affected", "version": "17.9.5b" }, { "status": "affected", "version": "17.9.6" }, { "status": "affected", "version": "17.9.6a" }, { "status": "affected", "version": "17.9.5e" }, { "status": "affected", "version": "17.9.5f" }, { "status": "affected", "version": "17.11.1" }, { "status": "affected", "version": "17.11.1a" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1w" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.12.1x" }, { "status": "affected", "version": "17.12.2" }, { "status": "affected", "version": "17.12.3" }, { "status": "affected", "version": "17.12.2a" }, { "status": "affected", "version": "17.12.1y" }, { "status": "affected", "version": "17.12.1z" }, { "status": "affected", "version": "17.12.4" }, { "status": "affected", "version": "17.12.3a" }, { "status": "affected", "version": "17.12.1z1" }, { "status": "affected", "version": "17.12.4a" }, { "status": "affected", "version": "17.12.4b" }, { "status": "affected", "version": "17.13.1" }, { "status": "affected", "version": "17.13.1a" }, { "status": "affected", "version": "17.14.1" }, { "status": "affected", "version": "17.14.1a" }, { "status": "affected", "version": "17.11.99SW" }, { "status": "affected", "version": "17.15.1" }, { "status": "affected", "version": "17.15.1w" }, { "status": "affected", "version": "17.15.1a" }, { "status": "affected", "version": "17.15.1b" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability\u00a0in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.\r\n\r This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions.\r\n\r Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-754", "description": "Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2025-05-07T17:42:41.075Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-iosxe-privesc-su7scvdp", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp" } ], "source": { "advisory": "cisco-sa-iosxe-privesc-su7scvdp", "defects": [ "CSCwm66565" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2025-20198", "datePublished": "2025-05-07T17:42:41.075Z", "dateReserved": "2024-10-10T19:15:13.227Z", "dateUpdated": "2025-05-08T03:56:20.319Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-20199 (GCVE-0-2025-20199)
Vulnerability from cvelistv5
Published
2025-05-07 17:43
Modified
2025-05-08 03:56
Severity ?
VLAI Severity ?
EPSS score ?
Summary
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.
This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions.
Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco IOS XE Software |
Version: 3.7.0S Version: 3.7.1S Version: 3.7.2S Version: 3.7.3S Version: 3.7.4S Version: 3.7.5S Version: 3.7.6S Version: 3.7.7S Version: 3.7.4aS Version: 3.7.2tS Version: 3.7.0bS Version: 3.7.1aS Version: 3.8.0S Version: 3.8.1S Version: 3.8.2S Version: 3.9.1S Version: 3.9.0S Version: 3.9.2S Version: 3.9.1aS Version: 3.9.0aS Version: 3.2.0SE Version: 3.2.1SE Version: 3.2.2SE Version: 3.2.3SE Version: 3.3.0SE Version: 3.3.1SE Version: 3.3.2SE Version: 3.3.3SE Version: 3.3.4SE Version: 3.3.5SE Version: 3.4.0SG Version: 3.4.2SG Version: 3.4.1SG Version: 3.4.3SG Version: 3.4.4SG Version: 3.4.5SG Version: 3.4.6SG Version: 3.4.7SG Version: 3.4.8SG Version: 3.5.0E Version: 3.5.1E Version: 3.5.2E Version: 3.5.3E Version: 3.11.1S Version: 3.11.2S Version: 3.11.0S Version: 3.11.3S Version: 3.11.4S Version: 3.12.0S Version: 3.12.1S Version: 3.12.2S Version: 3.12.3S Version: 3.12.0aS Version: 3.12.4S Version: 3.13.0S Version: 3.13.1S Version: 3.13.2S Version: 3.13.3S Version: 3.13.4S Version: 3.13.5S Version: 3.13.2aS Version: 3.13.0aS Version: 3.13.5aS Version: 3.13.6S Version: 3.13.7S Version: 3.13.6aS Version: 3.13.7aS Version: 3.13.8S Version: 3.13.9S Version: 3.13.10S Version: 3.6.0E Version: 3.6.1E Version: 3.6.2aE Version: 3.6.2E Version: 3.6.3E Version: 3.6.4E Version: 3.6.5E Version: 3.6.6E Version: 3.6.5aE Version: 3.6.5bE Version: 3.6.7E Version: 3.6.8E Version: 3.6.7bE Version: 3.6.9E Version: 3.6.10E Version: 3.14.0S Version: 3.14.1S Version: 3.14.2S Version: 3.14.3S Version: 3.14.4S Version: 3.15.0S Version: 3.15.1S Version: 3.15.2S Version: 3.15.1cS Version: 3.15.3S Version: 3.15.4S Version: 3.7.0E Version: 3.7.1E Version: 3.7.2E Version: 3.7.3E Version: 3.7.4E Version: 3.7.5E Version: 3.16.0S Version: 3.16.1S Version: 3.16.1aS Version: 3.16.2S Version: 3.16.2aS Version: 3.16.0cS Version: 3.16.3S Version: 3.16.2bS Version: 3.16.3aS Version: 3.16.4S Version: 3.16.4aS Version: 3.16.4bS Version: 3.16.5S Version: 3.16.4dS Version: 3.16.6S Version: 3.16.7S Version: 3.16.6bS Version: 3.16.7aS Version: 3.16.7bS Version: 3.16.8S Version: 3.16.9S Version: 3.16.10S Version: 3.17.0S Version: 3.17.1S Version: 3.17.2S Version: 3.17.1aS Version: 3.17.3S Version: 3.17.4S Version: 16.1.1 Version: 16.1.2 Version: 16.1.3 Version: 16.2.1 Version: 16.2.2 Version: 3.8.0E Version: 3.8.1E Version: 3.8.2E Version: 3.8.3E Version: 3.8.4E Version: 3.8.5E Version: 3.8.5aE Version: 3.8.6E Version: 3.8.7E Version: 3.8.8E Version: 3.8.9E Version: 3.8.10E Version: 16.3.1 Version: 16.3.2 Version: 16.3.3 Version: 16.3.1a Version: 16.3.4 Version: 16.3.5 Version: 16.3.5b Version: 16.3.6 Version: 16.3.7 Version: 16.3.8 Version: 16.3.9 Version: 16.3.10 Version: 16.3.11 Version: 16.4.1 Version: 16.4.2 Version: 16.4.3 Version: 16.5.1 Version: 16.5.1a Version: 16.5.1b Version: 16.5.2 Version: 16.5.3 Version: 3.18.0aS Version: 3.18.0S Version: 3.18.1S Version: 3.18.2S Version: 3.18.3S Version: 3.18.4S Version: 3.18.0SP Version: 3.18.1SP Version: 3.18.1aSP Version: 3.18.1bSP Version: 3.18.1cSP Version: 3.18.2SP Version: 3.18.2aSP Version: 3.18.3SP Version: 3.18.4SP Version: 3.18.3aSP Version: 3.18.3bSP Version: 3.18.5SP Version: 3.18.6SP Version: 3.18.7SP Version: 3.18.8aSP Version: 3.18.9SP Version: 3.9.0E Version: 3.9.1E Version: 3.9.2E Version: 16.6.1 Version: 16.6.2 Version: 16.6.3 Version: 16.6.4 Version: 16.6.5 Version: 16.6.4a Version: 16.6.5a Version: 16.6.6 Version: 16.6.7 Version: 16.6.8 Version: 16.6.9 Version: 16.6.10 Version: 16.7.1 Version: 16.7.1a Version: 16.7.1b Version: 16.7.2 Version: 16.7.3 Version: 16.7.4 Version: 16.8.1 Version: 16.8.1a Version: 16.8.1b Version: 16.8.1s Version: 16.8.1c Version: 16.8.1d Version: 16.8.2 Version: 16.8.1e Version: 16.8.3 Version: 16.9.1 Version: 16.9.2 Version: 16.9.1a Version: 16.9.1b Version: 16.9.1s Version: 16.9.3 Version: 16.9.4 Version: 16.9.3a Version: 16.9.5 Version: 16.9.5f Version: 16.9.6 Version: 16.9.7 Version: 16.9.8 Version: 16.10.1 Version: 16.10.1a Version: 16.10.1b Version: 16.10.1s Version: 16.10.1c Version: 16.10.1e Version: 16.10.1d Version: 16.10.2 Version: 16.10.1f Version: 16.10.1g Version: 16.10.3 Version: 3.10.0E Version: 3.10.1E Version: 3.10.0cE Version: 3.10.2E Version: 3.10.3E Version: 16.11.1 Version: 16.11.1a Version: 16.11.1b Version: 16.11.2 Version: 16.11.1s Version: 16.12.1 Version: 16.12.1s Version: 16.12.1a Version: 16.12.1c Version: 16.12.1w Version: 16.12.2 Version: 16.12.1y Version: 16.12.2a Version: 16.12.3 Version: 16.12.8 Version: 16.12.2s Version: 16.12.1x Version: 16.12.1t Version: 16.12.4 Version: 16.12.3s Version: 16.12.3a Version: 16.12.4a Version: 16.12.5 Version: 16.12.6 Version: 16.12.1z1 Version: 16.12.5a Version: 16.12.5b Version: 16.12.1z2 Version: 16.12.6a Version: 16.12.7 Version: 16.12.9 Version: 16.12.10 Version: 16.12.10a Version: 16.12.11 Version: 16.12.12 Version: 3.11.0E Version: 3.11.1E Version: 3.11.2E Version: 3.11.3E Version: 3.11.1aE Version: 3.11.4E Version: 3.11.3aE Version: 3.11.5E Version: 3.11.6E Version: 3.11.7E Version: 3.11.8E Version: 3.11.9E Version: 3.11.10E Version: 3.11.11E Version: 17.1.1 Version: 17.1.1a Version: 17.1.1s Version: 17.1.1t Version: 17.1.3 Version: 17.2.1 Version: 17.2.1r Version: 17.2.1a Version: 17.2.1v Version: 17.2.2 Version: 17.2.3 Version: 17.3.1 Version: 17.3.2 Version: 17.3.3 Version: 17.3.1a Version: 17.3.1w Version: 17.3.2a Version: 17.3.1x Version: 17.3.1z Version: 17.3.4 Version: 17.3.5 Version: 17.3.4a Version: 17.3.6 Version: 17.3.4b Version: 17.3.4c Version: 17.3.5a Version: 17.3.5b Version: 17.3.7 Version: 17.3.8 Version: 17.3.8a Version: 17.4.1 Version: 17.4.2 Version: 17.4.1a Version: 17.4.1b Version: 17.4.2a Version: 17.5.1 Version: 17.5.1a Version: 17.6.1 Version: 17.6.2 Version: 17.6.1w Version: 17.6.1a Version: 17.6.1x Version: 17.6.3 Version: 17.6.1y Version: 17.6.1z Version: 17.6.3a Version: 17.6.4 Version: 17.6.1z1 Version: 17.6.5 Version: 17.6.6 Version: 17.6.6a Version: 17.6.5a Version: 17.6.7 Version: 17.6.8 Version: 17.6.8a Version: 17.7.1 Version: 17.7.1a Version: 17.7.1b Version: 17.7.2 Version: 17.10.1 Version: 17.10.1a Version: 17.10.1b Version: 17.8.1 Version: 17.8.1a Version: 17.9.1 Version: 17.9.1w Version: 17.9.2 Version: 17.9.1a Version: 17.9.1x Version: 17.9.1y Version: 17.9.3 Version: 17.9.2a Version: 17.9.1x1 Version: 17.9.3a Version: 17.9.4 Version: 17.9.1y1 Version: 17.9.5 Version: 17.9.4a Version: 17.9.5a Version: 17.9.5b Version: 17.9.6 Version: 17.9.6a Version: 17.9.5e Version: 17.9.5f Version: 17.11.1 Version: 17.11.1a Version: 17.12.1 Version: 17.12.1w Version: 17.12.1a Version: 17.12.1x Version: 17.12.2 Version: 17.12.3 Version: 17.12.2a Version: 17.12.1y Version: 17.12.1z Version: 17.12.4 Version: 17.12.3a Version: 17.12.1z1 Version: 17.12.4b Version: 17.13.1 Version: 17.13.1a Version: 17.14.1 Version: 17.14.1a Version: 17.11.99SW Version: 17.15.1 Version: 17.15.1w Version: 17.15.1a Version: 17.15.1b |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-20199", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-05-07T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-05-08T03:56:22.128Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "3.7.0S" }, { "status": "affected", "version": "3.7.1S" }, { "status": "affected", "version": "3.7.2S" }, { "status": "affected", "version": "3.7.3S" }, { "status": "affected", "version": "3.7.4S" }, { "status": "affected", "version": "3.7.5S" }, { "status": "affected", "version": "3.7.6S" }, { "status": "affected", "version": "3.7.7S" }, { "status": "affected", "version": "3.7.4aS" }, { "status": "affected", "version": "3.7.2tS" }, { "status": "affected", "version": "3.7.0bS" }, { "status": "affected", "version": "3.7.1aS" }, { "status": "affected", "version": "3.8.0S" }, { "status": "affected", "version": "3.8.1S" }, { "status": "affected", "version": "3.8.2S" }, { "status": "affected", "version": "3.9.1S" }, { "status": "affected", "version": "3.9.0S" }, { "status": "affected", "version": "3.9.2S" }, { "status": "affected", "version": "3.9.1aS" }, { "status": "affected", "version": "3.9.0aS" }, { "status": "affected", "version": "3.2.0SE" }, { "status": "affected", "version": "3.2.1SE" }, { "status": "affected", "version": "3.2.2SE" }, { "status": "affected", "version": "3.2.3SE" }, { "status": "affected", "version": "3.3.0SE" }, { "status": "affected", "version": "3.3.1SE" }, { "status": "affected", "version": "3.3.2SE" }, { "status": "affected", "version": "3.3.3SE" }, { "status": "affected", "version": "3.3.4SE" }, { "status": "affected", "version": "3.3.5SE" }, { "status": "affected", "version": "3.4.0SG" }, { "status": "affected", "version": "3.4.2SG" }, { "status": "affected", "version": "3.4.1SG" }, { "status": "affected", "version": "3.4.3SG" }, { "status": "affected", "version": "3.4.4SG" }, { "status": "affected", "version": "3.4.5SG" }, { "status": "affected", "version": "3.4.6SG" }, { "status": "affected", "version": "3.4.7SG" }, { "status": "affected", "version": "3.4.8SG" }, { "status": "affected", "version": "3.5.0E" }, { "status": "affected", "version": "3.5.1E" }, { "status": "affected", "version": "3.5.2E" }, { "status": "affected", "version": "3.5.3E" }, { "status": "affected", "version": "3.11.1S" }, { "status": "affected", "version": "3.11.2S" }, { "status": "affected", "version": "3.11.0S" }, { "status": "affected", "version": "3.11.3S" }, { "status": "affected", "version": "3.11.4S" }, { "status": "affected", "version": "3.12.0S" }, { "status": "affected", "version": "3.12.1S" }, { "status": "affected", "version": "3.12.2S" }, { "status": "affected", "version": "3.12.3S" }, { "status": "affected", "version": "3.12.0aS" }, { "status": "affected", "version": "3.12.4S" }, { "status": "affected", "version": "3.13.0S" }, { "status": "affected", "version": "3.13.1S" }, { "status": "affected", "version": "3.13.2S" }, { "status": "affected", "version": "3.13.3S" }, { "status": "affected", "version": "3.13.4S" }, { "status": "affected", "version": "3.13.5S" }, { "status": "affected", "version": "3.13.2aS" }, { "status": "affected", "version": "3.13.0aS" }, { "status": "affected", "version": "3.13.5aS" }, { "status": "affected", "version": "3.13.6S" }, { "status": "affected", "version": "3.13.7S" }, { "status": "affected", "version": "3.13.6aS" }, { "status": "affected", "version": "3.13.7aS" }, { "status": "affected", "version": "3.13.8S" }, { "status": "affected", "version": "3.13.9S" }, { "status": "affected", "version": "3.13.10S" }, { "status": "affected", "version": "3.6.0E" }, { "status": "affected", "version": "3.6.1E" }, { "status": "affected", "version": "3.6.2aE" }, { "status": "affected", "version": "3.6.2E" }, { "status": "affected", "version": "3.6.3E" }, { "status": "affected", "version": "3.6.4E" }, { "status": "affected", "version": "3.6.5E" }, { "status": "affected", "version": "3.6.6E" }, { "status": "affected", "version": "3.6.5aE" }, { "status": "affected", "version": "3.6.5bE" }, { "status": "affected", "version": "3.6.7E" }, { "status": "affected", "version": "3.6.8E" }, { "status": "affected", "version": "3.6.7bE" }, { "status": "affected", "version": "3.6.9E" }, { "status": "affected", "version": "3.6.10E" }, { "status": "affected", "version": "3.14.0S" }, { "status": "affected", "version": "3.14.1S" }, { "status": "affected", "version": "3.14.2S" }, { "status": "affected", "version": "3.14.3S" }, { "status": "affected", "version": "3.14.4S" }, { "status": "affected", "version": "3.15.0S" }, { "status": "affected", "version": "3.15.1S" }, { "status": "affected", "version": "3.15.2S" }, { "status": "affected", "version": "3.15.1cS" }, { "status": "affected", "version": "3.15.3S" }, { "status": "affected", "version": "3.15.4S" }, { "status": "affected", "version": "3.7.0E" }, { "status": "affected", "version": "3.7.1E" }, { "status": "affected", "version": "3.7.2E" }, { "status": "affected", "version": "3.7.3E" }, { "status": "affected", "version": "3.7.4E" }, { "status": "affected", "version": "3.7.5E" }, { "status": "affected", "version": "3.16.0S" }, { "status": "affected", "version": "3.16.1S" }, { "status": "affected", "version": "3.16.1aS" }, { "status": "affected", "version": "3.16.2S" }, { "status": "affected", "version": "3.16.2aS" }, { "status": "affected", "version": "3.16.0cS" }, { "status": "affected", "version": "3.16.3S" }, { "status": "affected", "version": "3.16.2bS" }, { "status": "affected", "version": "3.16.3aS" }, { "status": "affected", "version": "3.16.4S" }, { "status": "affected", "version": "3.16.4aS" }, { "status": "affected", "version": "3.16.4bS" }, { "status": "affected", "version": "3.16.5S" }, { "status": "affected", "version": "3.16.4dS" }, { "status": "affected", "version": "3.16.6S" }, { "status": "affected", "version": "3.16.7S" }, { "status": "affected", "version": "3.16.6bS" }, { "status": "affected", "version": "3.16.7aS" }, { "status": "affected", "version": "3.16.7bS" }, { "status": "affected", "version": "3.16.8S" }, { "status": "affected", "version": "3.16.9S" }, { "status": "affected", "version": "3.16.10S" }, { "status": "affected", "version": "3.17.0S" }, { "status": "affected", "version": "3.17.1S" }, { "status": "affected", "version": "3.17.2S" }, { "status": "affected", "version": "3.17.1aS" }, { "status": "affected", "version": "3.17.3S" }, { "status": "affected", "version": "3.17.4S" }, { "status": "affected", "version": "16.1.1" }, { "status": "affected", "version": "16.1.2" }, { "status": "affected", "version": "16.1.3" }, { "status": "affected", "version": "16.2.1" }, { "status": "affected", "version": "16.2.2" }, { "status": "affected", "version": "3.8.0E" }, { "status": "affected", "version": "3.8.1E" }, { "status": "affected", "version": "3.8.2E" }, { "status": "affected", "version": "3.8.3E" }, { "status": "affected", "version": "3.8.4E" }, { "status": "affected", "version": "3.8.5E" }, { "status": "affected", "version": "3.8.5aE" }, { "status": "affected", "version": "3.8.6E" }, { "status": "affected", "version": "3.8.7E" }, { "status": "affected", "version": "3.8.8E" }, { "status": "affected", "version": "3.8.9E" }, { "status": "affected", "version": "3.8.10E" }, { "status": "affected", "version": "16.3.1" }, { "status": "affected", "version": "16.3.2" }, { "status": "affected", "version": "16.3.3" }, { "status": "affected", "version": "16.3.1a" }, { "status": "affected", "version": "16.3.4" }, { "status": "affected", "version": "16.3.5" }, { "status": "affected", "version": "16.3.5b" }, { "status": "affected", "version": "16.3.6" }, { "status": "affected", "version": "16.3.7" }, { "status": "affected", "version": "16.3.8" }, { "status": "affected", "version": "16.3.9" }, { "status": "affected", "version": "16.3.10" }, { "status": "affected", "version": "16.3.11" }, { "status": "affected", "version": "16.4.1" }, { "status": "affected", "version": "16.4.2" }, { "status": "affected", "version": "16.4.3" }, { "status": "affected", "version": "16.5.1" }, { "status": "affected", "version": "16.5.1a" }, { "status": "affected", "version": "16.5.1b" }, { "status": "affected", "version": "16.5.2" }, { "status": "affected", "version": "16.5.3" }, { "status": "affected", "version": "3.18.0aS" }, { "status": "affected", "version": "3.18.0S" }, { "status": "affected", "version": "3.18.1S" }, { "status": "affected", "version": "3.18.2S" }, { "status": "affected", "version": "3.18.3S" }, { "status": "affected", "version": "3.18.4S" }, { "status": "affected", "version": "3.18.0SP" }, { "status": "affected", "version": "3.18.1SP" }, { "status": "affected", "version": "3.18.1aSP" }, { "status": "affected", "version": "3.18.1bSP" }, { "status": "affected", "version": "3.18.1cSP" }, { "status": "affected", "version": "3.18.2SP" }, { "status": "affected", "version": "3.18.2aSP" }, { "status": "affected", "version": "3.18.3SP" }, { "status": "affected", "version": "3.18.4SP" }, { "status": "affected", "version": "3.18.3aSP" }, { "status": "affected", "version": "3.18.3bSP" }, { "status": "affected", "version": "3.18.5SP" }, { "status": "affected", "version": "3.18.6SP" }, { "status": "affected", "version": "3.18.7SP" }, { "status": "affected", "version": "3.18.8aSP" }, { "status": "affected", "version": "3.18.9SP" }, { "status": "affected", "version": "3.9.0E" }, { "status": "affected", "version": "3.9.1E" }, { "status": "affected", "version": "3.9.2E" }, { "status": "affected", "version": "16.6.1" }, { "status": "affected", "version": "16.6.2" }, { "status": "affected", "version": "16.6.3" }, { "status": "affected", "version": "16.6.4" }, { "status": "affected", "version": "16.6.5" }, { "status": "affected", "version": "16.6.4a" }, { "status": "affected", "version": "16.6.5a" }, { "status": "affected", "version": "16.6.6" }, { "status": "affected", "version": "16.6.7" }, { "status": "affected", "version": "16.6.8" }, { "status": "affected", "version": "16.6.9" }, { "status": "affected", "version": "16.6.10" }, { "status": "affected", "version": "16.7.1" }, { "status": "affected", "version": "16.7.1a" }, { "status": "affected", "version": "16.7.1b" }, { "status": "affected", "version": "16.7.2" }, { "status": "affected", "version": "16.7.3" }, { "status": "affected", "version": "16.7.4" }, { "status": "affected", "version": "16.8.1" }, { "status": "affected", "version": "16.8.1a" }, { "status": "affected", "version": "16.8.1b" }, { "status": "affected", "version": "16.8.1s" }, { "status": "affected", "version": "16.8.1c" }, { "status": "affected", "version": "16.8.1d" }, { "status": "affected", "version": "16.8.2" }, { "status": "affected", "version": "16.8.1e" }, { "status": "affected", "version": "16.8.3" }, { "status": "affected", "version": "16.9.1" }, { "status": "affected", "version": "16.9.2" }, { "status": "affected", "version": "16.9.1a" }, { "status": "affected", "version": "16.9.1b" }, { "status": "affected", "version": "16.9.1s" }, { "status": "affected", "version": "16.9.3" }, { "status": "affected", "version": "16.9.4" }, { "status": "affected", "version": "16.9.3a" }, { "status": "affected", "version": "16.9.5" }, { "status": "affected", "version": "16.9.5f" }, { "status": "affected", "version": "16.9.6" }, { "status": "affected", "version": "16.9.7" }, { "status": "affected", "version": "16.9.8" }, { "status": "affected", "version": "16.10.1" }, { "status": "affected", "version": "16.10.1a" }, { "status": "affected", "version": "16.10.1b" }, { "status": "affected", "version": "16.10.1s" }, { "status": "affected", "version": "16.10.1c" }, { "status": "affected", "version": "16.10.1e" }, { "status": "affected", "version": "16.10.1d" }, { "status": "affected", "version": "16.10.2" }, { "status": "affected", "version": "16.10.1f" }, { "status": "affected", "version": "16.10.1g" }, { "status": "affected", "version": "16.10.3" }, { "status": "affected", "version": "3.10.0E" }, { "status": "affected", "version": "3.10.1E" }, { "status": "affected", "version": "3.10.0cE" }, { "status": "affected", "version": "3.10.2E" }, { "status": "affected", "version": "3.10.3E" }, { "status": "affected", "version": "16.11.1" }, { "status": "affected", "version": "16.11.1a" }, { "status": "affected", "version": "16.11.1b" }, { "status": "affected", "version": "16.11.2" }, { "status": "affected", "version": "16.11.1s" }, { "status": "affected", "version": "16.12.1" }, { "status": "affected", "version": "16.12.1s" }, { "status": "affected", "version": "16.12.1a" }, { "status": "affected", "version": "16.12.1c" }, { "status": "affected", "version": "16.12.1w" }, { "status": "affected", "version": "16.12.2" }, { "status": "affected", "version": "16.12.1y" }, { "status": "affected", "version": "16.12.2a" }, { "status": "affected", "version": "16.12.3" }, { "status": "affected", "version": "16.12.8" }, { "status": "affected", "version": "16.12.2s" }, { "status": "affected", "version": "16.12.1x" }, { "status": "affected", "version": "16.12.1t" }, { "status": "affected", "version": "16.12.4" }, { "status": "affected", "version": "16.12.3s" }, { "status": "affected", "version": "16.12.3a" }, { "status": "affected", "version": "16.12.4a" }, { "status": "affected", "version": "16.12.5" }, { "status": "affected", "version": "16.12.6" }, { "status": "affected", "version": "16.12.1z1" }, { "status": "affected", "version": "16.12.5a" }, { "status": "affected", "version": "16.12.5b" }, { "status": "affected", "version": "16.12.1z2" }, { "status": "affected", "version": "16.12.6a" }, { "status": "affected", "version": "16.12.7" }, { "status": "affected", "version": "16.12.9" }, { "status": "affected", "version": "16.12.10" }, { "status": "affected", "version": "16.12.10a" }, { "status": "affected", "version": "16.12.11" }, { "status": "affected", "version": "16.12.12" }, { "status": "affected", "version": "3.11.0E" }, { "status": "affected", "version": "3.11.1E" }, { "status": "affected", "version": "3.11.2E" }, { "status": "affected", "version": "3.11.3E" }, { "status": "affected", "version": "3.11.1aE" }, { "status": "affected", "version": "3.11.4E" }, { "status": "affected", "version": "3.11.3aE" }, { "status": "affected", "version": "3.11.5E" }, { "status": "affected", "version": "3.11.6E" }, { "status": "affected", "version": "3.11.7E" }, { "status": "affected", "version": "3.11.8E" }, { "status": "affected", "version": "3.11.9E" }, { "status": "affected", "version": "3.11.10E" }, { "status": "affected", "version": "3.11.11E" }, { "status": "affected", "version": "17.1.1" }, { "status": "affected", "version": "17.1.1a" }, { "status": "affected", "version": "17.1.1s" }, { "status": "affected", "version": "17.1.1t" }, { "status": "affected", "version": "17.1.3" }, { "status": "affected", "version": "17.2.1" }, { "status": "affected", "version": "17.2.1r" }, { "status": "affected", "version": "17.2.1a" }, { "status": "affected", "version": "17.2.1v" }, { "status": "affected", "version": "17.2.2" }, { "status": "affected", "version": "17.2.3" }, { "status": "affected", "version": "17.3.1" }, { "status": "affected", "version": "17.3.2" }, { "status": "affected", "version": "17.3.3" }, { "status": "affected", "version": "17.3.1a" }, { "status": "affected", "version": "17.3.1w" }, { "status": "affected", "version": "17.3.2a" }, { "status": "affected", "version": "17.3.1x" }, { "status": "affected", "version": "17.3.1z" }, { "status": "affected", "version": "17.3.4" }, { "status": "affected", "version": "17.3.5" }, { "status": "affected", "version": "17.3.4a" }, { "status": "affected", "version": "17.3.6" }, { "status": "affected", "version": "17.3.4b" }, { "status": "affected", "version": "17.3.4c" }, { "status": "affected", "version": "17.3.5a" }, { "status": "affected", "version": "17.3.5b" }, { "status": "affected", "version": "17.3.7" }, { "status": "affected", "version": "17.3.8" }, { "status": "affected", "version": "17.3.8a" }, { "status": "affected", "version": "17.4.1" }, { "status": "affected", "version": "17.4.2" }, { "status": "affected", "version": "17.4.1a" }, { "status": "affected", "version": "17.4.1b" }, { "status": "affected", "version": "17.4.2a" }, { "status": "affected", "version": "17.5.1" }, { "status": "affected", "version": "17.5.1a" }, { "status": "affected", "version": "17.6.1" }, { "status": "affected", "version": "17.6.2" }, { "status": "affected", "version": "17.6.1w" }, { "status": "affected", "version": "17.6.1a" }, { "status": "affected", "version": "17.6.1x" }, { "status": "affected", "version": "17.6.3" }, { "status": "affected", "version": "17.6.1y" }, { "status": "affected", "version": "17.6.1z" }, { "status": "affected", "version": "17.6.3a" }, { "status": "affected", "version": "17.6.4" }, { "status": "affected", "version": "17.6.1z1" }, { "status": "affected", "version": "17.6.5" }, { "status": "affected", "version": "17.6.6" }, { "status": "affected", "version": "17.6.6a" }, { "status": "affected", "version": "17.6.5a" }, { "status": "affected", "version": "17.6.7" }, { "status": "affected", "version": "17.6.8" }, { "status": "affected", "version": "17.6.8a" }, { "status": "affected", "version": "17.7.1" }, { "status": "affected", "version": "17.7.1a" }, { "status": "affected", "version": "17.7.1b" }, { "status": "affected", "version": "17.7.2" }, { "status": "affected", "version": "17.10.1" }, { "status": "affected", "version": "17.10.1a" }, { "status": "affected", "version": "17.10.1b" }, { "status": "affected", "version": "17.8.1" }, { "status": "affected", "version": "17.8.1a" }, { "status": "affected", "version": "17.9.1" }, { "status": "affected", "version": "17.9.1w" }, { "status": "affected", "version": "17.9.2" }, { "status": "affected", "version": "17.9.1a" }, { "status": "affected", "version": "17.9.1x" }, { "status": "affected", "version": "17.9.1y" }, { "status": "affected", "version": "17.9.3" }, { "status": "affected", "version": "17.9.2a" }, { "status": "affected", "version": "17.9.1x1" }, { "status": "affected", "version": "17.9.3a" }, { "status": "affected", "version": "17.9.4" }, { "status": "affected", "version": "17.9.1y1" }, { "status": "affected", "version": "17.9.5" }, { "status": "affected", "version": "17.9.4a" }, { "status": "affected", "version": "17.9.5a" }, { "status": "affected", "version": "17.9.5b" }, { "status": "affected", "version": "17.9.6" }, { "status": "affected", "version": "17.9.6a" }, { "status": "affected", "version": "17.9.5e" }, { "status": "affected", "version": "17.9.5f" }, { "status": "affected", "version": "17.11.1" }, { "status": "affected", "version": "17.11.1a" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1w" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.12.1x" }, { "status": "affected", "version": "17.12.2" }, { "status": "affected", "version": "17.12.3" }, { "status": "affected", "version": "17.12.2a" }, { "status": "affected", "version": "17.12.1y" }, { "status": "affected", "version": "17.12.1z" }, { "status": "affected", "version": "17.12.4" }, { "status": "affected", "version": "17.12.3a" }, { "status": "affected", "version": "17.12.1z1" }, { "status": "affected", "version": "17.12.4b" }, { "status": "affected", "version": "17.13.1" }, { "status": "affected", "version": "17.13.1a" }, { "status": "affected", "version": "17.14.1" }, { "status": "affected", "version": "17.14.1a" }, { "status": "affected", "version": "17.11.99SW" }, { "status": "affected", "version": "17.15.1" }, { "status": "affected", "version": "17.15.1w" }, { "status": "affected", "version": "17.15.1a" }, { "status": "affected", "version": "17.15.1b" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.\r\n\r This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions.\r\n\r Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.6, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "providerMetadata": { "dateUpdated": "2025-05-07T17:43:26.071Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-iosxe-privesc-su7scvdp", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp" } ], "source": { "advisory": "cisco-sa-iosxe-privesc-su7scvdp", "defects": [ "CSCwm59330" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2025-20199", "datePublished": "2025-05-07T17:43:26.071Z", "dateReserved": "2024-10-10T19:15:13.227Z", "dateUpdated": "2025-05-08T03:56:22.128Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-20197 (GCVE-0-2025-20197)
Vulnerability from cvelistv5
Published
2025-05-07 17:39
Modified
2025-05-08 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-20 - Improper Input Validation
Summary
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.
This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions.
Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco IOS XE Software |
Version: 3.7.0S Version: 3.7.1S Version: 3.7.2S Version: 3.7.3S Version: 3.7.4S Version: 3.7.5S Version: 3.7.6S Version: 3.7.7S Version: 3.7.4aS Version: 3.7.2tS Version: 3.7.0bS Version: 3.7.1aS Version: 3.8.0S Version: 3.8.1S Version: 3.8.2S Version: 3.9.1S Version: 3.9.0S Version: 3.9.2S Version: 3.9.1aS Version: 3.9.0aS Version: 3.11.1S Version: 3.11.2S Version: 3.11.0S Version: 3.11.3S Version: 3.11.4S Version: 3.12.0S Version: 3.12.1S Version: 3.12.2S Version: 3.12.3S Version: 3.12.0aS Version: 3.12.4S Version: 3.13.0S Version: 3.13.1S Version: 3.13.2S Version: 3.13.3S Version: 3.13.4S Version: 3.13.5S Version: 3.13.2aS Version: 3.13.0aS Version: 3.13.5aS Version: 3.13.6S Version: 3.13.7S Version: 3.13.6aS Version: 3.13.7aS Version: 3.13.8S Version: 3.13.9S Version: 3.13.10S Version: 3.14.0S Version: 3.14.1S Version: 3.14.2S Version: 3.14.3S Version: 3.14.4S Version: 3.15.0S Version: 3.15.1S Version: 3.15.2S Version: 3.15.1cS Version: 3.15.3S Version: 3.15.4S Version: 3.16.0S Version: 3.16.1S Version: 3.16.1aS Version: 3.16.2S Version: 3.16.2aS Version: 3.16.0cS Version: 3.16.3S Version: 3.16.2bS Version: 3.16.3aS Version: 3.16.4S Version: 3.16.4aS Version: 3.16.4bS Version: 3.16.5S Version: 3.16.4dS Version: 3.16.6S Version: 3.16.7S Version: 3.16.6bS Version: 3.16.7aS Version: 3.16.7bS Version: 3.16.8S Version: 3.16.9S Version: 3.16.10S Version: 3.17.0S Version: 3.17.1S Version: 3.17.2S Version: 3.17.1aS Version: 3.17.3S Version: 3.17.4S Version: 16.1.1 Version: 16.1.2 Version: 16.1.3 Version: 16.2.1 Version: 16.2.2 Version: 16.3.1 Version: 16.3.2 Version: 16.3.3 Version: 16.3.1a Version: 16.3.4 Version: 16.3.5 Version: 16.3.5b Version: 16.3.6 Version: 16.3.7 Version: 16.3.8 Version: 16.3.9 Version: 16.3.10 Version: 16.3.11 Version: 16.4.1 Version: 16.4.2 Version: 16.4.3 Version: 16.5.1 Version: 16.5.1a Version: 16.5.1b Version: 16.5.2 Version: 16.5.3 Version: 3.18.0aS Version: 3.18.0S Version: 3.18.1S Version: 3.18.2S Version: 3.18.3S Version: 3.18.4S Version: 3.18.0SP Version: 3.18.1SP Version: 3.18.1aSP Version: 3.18.1bSP Version: 3.18.1cSP Version: 3.18.2SP Version: 3.18.2aSP Version: 3.18.3SP Version: 3.18.4SP Version: 3.18.3aSP Version: 3.18.3bSP Version: 3.18.5SP Version: 3.18.6SP Version: 3.18.7SP Version: 3.18.8aSP Version: 3.18.9SP Version: 16.6.1 Version: 16.6.2 Version: 16.6.3 Version: 16.6.4 Version: 16.6.5 Version: 16.6.4a Version: 16.6.5a Version: 16.6.6 Version: 16.6.7 Version: 16.6.8 Version: 16.6.9 Version: 16.6.10 Version: 16.7.1 Version: 16.7.1a Version: 16.7.1b Version: 16.7.2 Version: 16.7.3 Version: 16.7.4 Version: 16.8.1 Version: 16.8.1a Version: 16.8.1b Version: 16.8.1s Version: 16.8.1c Version: 16.8.1d Version: 16.8.2 Version: 16.8.1e Version: 16.8.3 Version: 16.9.1 Version: 16.9.2 Version: 16.9.1a Version: 16.9.1b Version: 16.9.1s Version: 16.9.3 Version: 16.9.4 Version: 16.9.3a Version: 16.9.5 Version: 16.9.5f Version: 16.9.6 Version: 16.9.7 Version: 16.9.8 Version: 16.10.1 Version: 16.10.1a Version: 16.10.1b Version: 16.10.1s Version: 16.10.1c Version: 16.10.1e Version: 16.10.1d Version: 16.10.2 Version: 16.10.1f Version: 16.10.1g Version: 16.10.3 Version: 16.11.1 Version: 16.11.1a Version: 16.11.1b Version: 16.11.2 Version: 16.11.1s Version: 16.12.1 Version: 16.12.1s Version: 16.12.1a Version: 16.12.1c Version: 16.12.1w Version: 16.12.2 Version: 16.12.1y Version: 16.12.2a Version: 16.12.3 Version: 16.12.8 Version: 16.12.2s Version: 16.12.1x Version: 16.12.1t Version: 16.12.4 Version: 16.12.3s Version: 16.12.3a Version: 16.12.4a Version: 16.12.5 Version: 16.12.6 Version: 16.12.1z1 Version: 16.12.5a Version: 16.12.5b Version: 16.12.1z2 Version: 16.12.6a Version: 16.12.7 Version: 16.12.9 Version: 16.12.10 Version: 16.12.10a Version: 16.12.11 Version: 16.12.12 Version: 17.1.1 Version: 17.1.1a Version: 17.1.1s Version: 17.1.1t Version: 17.1.3 Version: 17.2.1 Version: 17.2.1r Version: 17.2.1a Version: 17.2.1v Version: 17.2.2 Version: 17.2.3 Version: 17.3.1 Version: 17.3.2 Version: 17.3.3 Version: 17.3.1a Version: 17.3.1w Version: 17.3.2a Version: 17.3.1x Version: 17.3.1z Version: 17.3.4 Version: 17.3.5 Version: 17.3.4a Version: 17.3.6 Version: 17.3.4b Version: 17.3.4c Version: 17.3.5a Version: 17.3.5b Version: 17.3.7 Version: 17.3.8 Version: 17.3.8a Version: 17.4.1 Version: 17.4.2 Version: 17.4.1a Version: 17.4.1b Version: 17.4.2a Version: 17.5.1 Version: 17.5.1a Version: 17.6.1 Version: 17.6.2 Version: 17.6.1w Version: 17.6.1a Version: 17.6.1x Version: 17.6.3 Version: 17.6.1y Version: 17.6.1z Version: 17.6.3a Version: 17.6.4 Version: 17.6.1z1 Version: 17.6.5 Version: 17.6.6 Version: 17.6.6a Version: 17.6.5a Version: 17.6.7 Version: 17.6.8 Version: 17.6.8a Version: 17.7.1 Version: 17.7.1a Version: 17.7.1b Version: 17.7.2 Version: 17.10.1 Version: 17.10.1a Version: 17.10.1b Version: 17.8.1 Version: 17.8.1a Version: 17.9.1 Version: 17.9.1w Version: 17.9.2 Version: 17.9.1a Version: 17.9.1x Version: 17.9.1y Version: 17.9.3 Version: 17.9.2a Version: 17.9.1x1 Version: 17.9.3a Version: 17.9.4 Version: 17.9.1y1 Version: 17.9.5 Version: 17.9.4a Version: 17.9.5a Version: 17.9.5b Version: 17.9.6 Version: 17.9.6a Version: 17.9.5e Version: 17.9.5f Version: 17.11.1 Version: 17.11.1a Version: 17.12.1 Version: 17.12.1w Version: 17.12.1a Version: 17.12.1x Version: 17.12.2 Version: 17.12.3 Version: 17.12.2a Version: 17.12.1y Version: 17.12.1z Version: 17.12.4 Version: 17.12.3a Version: 17.12.1z1 Version: 17.12.4a Version: 17.12.4b Version: 17.13.1 Version: 17.13.1a Version: 17.14.1 Version: 17.14.1a Version: 17.11.99SW Version: 17.15.1 Version: 17.15.1w Version: 17.15.1a Version: 17.15.1b |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-20197", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-05-07T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-05-08T03:56:18.330Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "3.7.0S" }, { "status": "affected", "version": "3.7.1S" }, { "status": "affected", "version": "3.7.2S" }, { "status": "affected", "version": "3.7.3S" }, { "status": "affected", "version": "3.7.4S" }, { "status": "affected", "version": "3.7.5S" }, { "status": "affected", "version": "3.7.6S" }, { "status": "affected", "version": "3.7.7S" }, { "status": "affected", "version": "3.7.4aS" }, { "status": "affected", "version": "3.7.2tS" }, { "status": "affected", "version": "3.7.0bS" }, { "status": "affected", "version": "3.7.1aS" }, { "status": "affected", "version": "3.8.0S" }, { "status": "affected", "version": "3.8.1S" }, { "status": "affected", "version": "3.8.2S" }, { "status": "affected", "version": "3.9.1S" }, { "status": "affected", "version": "3.9.0S" }, { "status": "affected", "version": "3.9.2S" }, { "status": "affected", "version": "3.9.1aS" }, { "status": "affected", "version": "3.9.0aS" }, { "status": "affected", "version": "3.11.1S" }, { "status": "affected", "version": "3.11.2S" }, { "status": "affected", "version": "3.11.0S" }, { "status": "affected", "version": "3.11.3S" }, { "status": "affected", "version": "3.11.4S" }, { "status": "affected", "version": "3.12.0S" }, { "status": "affected", "version": "3.12.1S" }, { "status": "affected", "version": "3.12.2S" }, { "status": "affected", "version": "3.12.3S" }, { "status": "affected", "version": "3.12.0aS" }, { "status": "affected", "version": "3.12.4S" }, { "status": "affected", "version": "3.13.0S" }, { "status": "affected", "version": "3.13.1S" }, { "status": "affected", "version": "3.13.2S" }, { "status": "affected", "version": "3.13.3S" }, { "status": "affected", "version": "3.13.4S" }, { "status": "affected", "version": "3.13.5S" }, { "status": "affected", "version": "3.13.2aS" }, { "status": "affected", "version": "3.13.0aS" }, { "status": "affected", "version": "3.13.5aS" }, { "status": "affected", "version": "3.13.6S" }, { "status": "affected", "version": "3.13.7S" }, { "status": "affected", "version": "3.13.6aS" }, { "status": "affected", "version": "3.13.7aS" }, { "status": "affected", "version": "3.13.8S" }, { "status": "affected", "version": "3.13.9S" }, { "status": "affected", "version": "3.13.10S" }, { "status": "affected", "version": "3.14.0S" }, { "status": "affected", "version": "3.14.1S" }, { "status": "affected", "version": "3.14.2S" }, { "status": "affected", "version": "3.14.3S" }, { "status": "affected", "version": "3.14.4S" }, { "status": "affected", "version": "3.15.0S" }, { "status": "affected", "version": "3.15.1S" }, { "status": "affected", "version": "3.15.2S" }, { "status": "affected", "version": "3.15.1cS" }, { "status": "affected", "version": "3.15.3S" }, { "status": "affected", "version": "3.15.4S" }, { "status": "affected", "version": "3.16.0S" }, { "status": "affected", "version": "3.16.1S" }, { "status": "affected", "version": "3.16.1aS" }, { "status": "affected", "version": "3.16.2S" }, { "status": "affected", "version": "3.16.2aS" }, { "status": "affected", "version": "3.16.0cS" }, { "status": "affected", "version": "3.16.3S" }, { "status": "affected", "version": "3.16.2bS" }, { "status": "affected", "version": "3.16.3aS" }, { "status": "affected", "version": "3.16.4S" }, { "status": "affected", "version": "3.16.4aS" }, { "status": "affected", "version": "3.16.4bS" }, { "status": "affected", "version": "3.16.5S" }, { "status": "affected", "version": "3.16.4dS" }, { "status": "affected", "version": "3.16.6S" }, { "status": "affected", "version": "3.16.7S" }, { "status": "affected", "version": "3.16.6bS" }, { "status": "affected", "version": "3.16.7aS" }, { "status": "affected", "version": "3.16.7bS" }, { "status": "affected", "version": "3.16.8S" }, { "status": "affected", "version": "3.16.9S" }, { "status": "affected", "version": "3.16.10S" }, { "status": "affected", "version": "3.17.0S" }, { "status": "affected", "version": "3.17.1S" }, { "status": "affected", "version": "3.17.2S" }, { "status": "affected", "version": "3.17.1aS" }, { "status": "affected", "version": "3.17.3S" }, { "status": "affected", "version": "3.17.4S" }, { "status": "affected", "version": "16.1.1" }, { "status": "affected", "version": "16.1.2" }, { "status": "affected", "version": "16.1.3" }, { "status": "affected", "version": "16.2.1" }, { "status": "affected", "version": "16.2.2" }, { "status": "affected", "version": "16.3.1" }, { "status": "affected", "version": "16.3.2" }, { "status": "affected", "version": "16.3.3" }, { "status": "affected", "version": "16.3.1a" }, { "status": "affected", "version": "16.3.4" }, { "status": "affected", "version": "16.3.5" }, { "status": "affected", "version": "16.3.5b" }, { "status": "affected", "version": "16.3.6" }, { "status": "affected", "version": "16.3.7" }, { "status": "affected", "version": "16.3.8" }, { "status": "affected", "version": "16.3.9" }, { "status": "affected", "version": "16.3.10" }, { "status": "affected", "version": "16.3.11" }, { "status": "affected", "version": "16.4.1" }, { "status": "affected", "version": "16.4.2" }, { "status": "affected", "version": "16.4.3" }, { "status": "affected", "version": "16.5.1" }, { "status": "affected", "version": "16.5.1a" }, { "status": "affected", "version": "16.5.1b" }, { "status": "affected", "version": "16.5.2" }, { "status": "affected", "version": "16.5.3" }, { "status": "affected", "version": "3.18.0aS" }, { "status": "affected", "version": "3.18.0S" }, { "status": "affected", "version": "3.18.1S" }, { "status": "affected", "version": "3.18.2S" }, { "status": "affected", "version": "3.18.3S" }, { "status": "affected", "version": "3.18.4S" }, { "status": "affected", "version": "3.18.0SP" }, { "status": "affected", "version": "3.18.1SP" }, { "status": "affected", "version": "3.18.1aSP" }, { "status": "affected", "version": "3.18.1bSP" }, { "status": "affected", "version": "3.18.1cSP" }, { "status": "affected", "version": "3.18.2SP" }, { "status": "affected", "version": "3.18.2aSP" }, { "status": "affected", "version": "3.18.3SP" }, { "status": "affected", "version": "3.18.4SP" }, { "status": "affected", "version": "3.18.3aSP" }, { "status": "affected", "version": "3.18.3bSP" }, { "status": "affected", "version": "3.18.5SP" }, { "status": "affected", "version": "3.18.6SP" }, { "status": "affected", "version": "3.18.7SP" }, { "status": "affected", "version": "3.18.8aSP" }, { "status": "affected", "version": "3.18.9SP" }, { "status": "affected", "version": "16.6.1" }, { "status": "affected", "version": "16.6.2" }, { "status": "affected", "version": "16.6.3" }, { "status": "affected", "version": "16.6.4" }, { "status": "affected", "version": "16.6.5" }, { "status": "affected", "version": "16.6.4a" }, { "status": "affected", "version": "16.6.5a" }, { "status": "affected", "version": "16.6.6" }, { "status": "affected", "version": "16.6.7" }, { "status": "affected", "version": "16.6.8" }, { "status": "affected", "version": "16.6.9" }, { "status": "affected", "version": "16.6.10" }, { "status": "affected", "version": "16.7.1" }, { "status": "affected", "version": "16.7.1a" }, { "status": "affected", "version": "16.7.1b" }, { "status": "affected", "version": "16.7.2" }, { "status": "affected", "version": "16.7.3" }, { "status": "affected", "version": "16.7.4" }, { "status": "affected", "version": "16.8.1" }, { "status": "affected", "version": "16.8.1a" }, { "status": "affected", "version": "16.8.1b" }, { "status": "affected", "version": "16.8.1s" }, { "status": "affected", "version": "16.8.1c" }, { "status": "affected", "version": "16.8.1d" }, { "status": "affected", "version": "16.8.2" }, { "status": "affected", "version": "16.8.1e" }, { "status": "affected", "version": "16.8.3" }, { "status": "affected", "version": "16.9.1" }, { "status": "affected", "version": "16.9.2" }, { "status": "affected", "version": "16.9.1a" }, { "status": "affected", "version": "16.9.1b" }, { "status": "affected", "version": "16.9.1s" }, { "status": "affected", "version": "16.9.3" }, { "status": "affected", "version": "16.9.4" }, { "status": "affected", "version": "16.9.3a" }, { "status": "affected", "version": "16.9.5" }, { "status": "affected", "version": "16.9.5f" }, { "status": "affected", "version": "16.9.6" }, { "status": "affected", "version": "16.9.7" }, { "status": "affected", "version": "16.9.8" }, { "status": "affected", "version": "16.10.1" }, { "status": "affected", "version": "16.10.1a" }, { "status": "affected", "version": "16.10.1b" }, { "status": "affected", "version": "16.10.1s" }, { "status": "affected", "version": "16.10.1c" }, { "status": "affected", "version": "16.10.1e" }, { "status": "affected", "version": "16.10.1d" }, { "status": "affected", "version": "16.10.2" }, { "status": "affected", "version": "16.10.1f" }, { "status": "affected", "version": "16.10.1g" }, { "status": "affected", "version": "16.10.3" }, { "status": "affected", "version": "16.11.1" }, { "status": "affected", "version": "16.11.1a" }, { "status": "affected", "version": "16.11.1b" }, { "status": "affected", "version": "16.11.2" }, { "status": "affected", "version": "16.11.1s" }, { "status": "affected", "version": "16.12.1" }, { "status": "affected", "version": "16.12.1s" }, { "status": "affected", "version": "16.12.1a" }, { "status": "affected", "version": "16.12.1c" }, { "status": "affected", "version": "16.12.1w" }, { "status": "affected", "version": "16.12.2" }, { "status": "affected", "version": "16.12.1y" }, { "status": "affected", "version": "16.12.2a" }, { "status": "affected", "version": "16.12.3" }, { "status": "affected", "version": "16.12.8" }, { "status": "affected", "version": "16.12.2s" }, { "status": "affected", "version": "16.12.1x" }, { "status": "affected", "version": "16.12.1t" }, { "status": "affected", "version": "16.12.4" }, { "status": "affected", "version": "16.12.3s" }, { "status": "affected", "version": "16.12.3a" }, { "status": "affected", "version": "16.12.4a" }, { "status": "affected", "version": "16.12.5" }, { "status": "affected", "version": "16.12.6" }, { "status": "affected", "version": "16.12.1z1" }, { "status": "affected", "version": "16.12.5a" }, { "status": "affected", "version": "16.12.5b" }, { "status": "affected", "version": "16.12.1z2" }, { "status": "affected", "version": "16.12.6a" }, { "status": "affected", "version": "16.12.7" }, { "status": "affected", "version": "16.12.9" }, { "status": "affected", "version": "16.12.10" }, { "status": "affected", "version": "16.12.10a" }, { "status": "affected", "version": "16.12.11" }, { "status": "affected", "version": "16.12.12" }, { "status": "affected", "version": "17.1.1" }, { "status": "affected", "version": "17.1.1a" }, { "status": "affected", "version": "17.1.1s" }, { "status": "affected", "version": "17.1.1t" }, { "status": "affected", "version": "17.1.3" }, { "status": "affected", "version": "17.2.1" }, { "status": "affected", "version": "17.2.1r" }, { "status": "affected", "version": "17.2.1a" }, { "status": "affected", "version": "17.2.1v" }, { "status": "affected", "version": "17.2.2" }, { "status": "affected", "version": "17.2.3" }, { "status": "affected", "version": "17.3.1" }, { "status": "affected", "version": "17.3.2" }, { "status": "affected", "version": "17.3.3" }, { "status": "affected", "version": "17.3.1a" }, { "status": "affected", "version": "17.3.1w" }, { "status": "affected", "version": "17.3.2a" }, { "status": "affected", "version": "17.3.1x" }, { "status": "affected", "version": "17.3.1z" }, { "status": "affected", "version": "17.3.4" }, { "status": "affected", "version": "17.3.5" }, { "status": "affected", "version": "17.3.4a" }, { "status": "affected", "version": "17.3.6" }, { "status": "affected", "version": "17.3.4b" }, { "status": "affected", "version": "17.3.4c" }, { "status": "affected", "version": "17.3.5a" }, { "status": "affected", "version": "17.3.5b" }, { "status": "affected", "version": "17.3.7" }, { "status": "affected", "version": "17.3.8" }, { "status": "affected", "version": "17.3.8a" }, { "status": "affected", "version": "17.4.1" }, { "status": "affected", "version": "17.4.2" }, { "status": "affected", "version": "17.4.1a" }, { "status": "affected", "version": "17.4.1b" }, { "status": "affected", "version": "17.4.2a" }, { "status": "affected", "version": "17.5.1" }, { "status": "affected", "version": "17.5.1a" }, { "status": "affected", "version": "17.6.1" }, { "status": "affected", "version": "17.6.2" }, { "status": "affected", "version": "17.6.1w" }, { "status": "affected", "version": "17.6.1a" }, { "status": "affected", "version": "17.6.1x" }, { "status": "affected", "version": "17.6.3" }, { "status": "affected", "version": "17.6.1y" }, { "status": "affected", "version": "17.6.1z" }, { "status": "affected", "version": "17.6.3a" }, { "status": "affected", "version": "17.6.4" }, { "status": "affected", "version": "17.6.1z1" }, { "status": "affected", "version": "17.6.5" }, { "status": "affected", "version": "17.6.6" }, { "status": "affected", "version": "17.6.6a" }, { "status": "affected", "version": "17.6.5a" }, { "status": "affected", "version": "17.6.7" }, { "status": "affected", "version": "17.6.8" }, { "status": "affected", "version": "17.6.8a" }, { "status": "affected", "version": "17.7.1" }, { "status": "affected", "version": "17.7.1a" }, { "status": "affected", "version": "17.7.1b" }, { "status": "affected", "version": "17.7.2" }, { "status": "affected", "version": "17.10.1" }, { "status": "affected", "version": "17.10.1a" }, { "status": "affected", "version": "17.10.1b" }, { "status": "affected", "version": "17.8.1" }, { "status": "affected", "version": "17.8.1a" }, { "status": "affected", "version": "17.9.1" }, { "status": "affected", "version": "17.9.1w" }, { "status": "affected", "version": "17.9.2" }, { "status": "affected", "version": "17.9.1a" }, { "status": "affected", "version": "17.9.1x" }, { "status": "affected", "version": "17.9.1y" }, { "status": "affected", "version": "17.9.3" }, { "status": "affected", "version": "17.9.2a" }, { "status": "affected", "version": "17.9.1x1" }, { "status": "affected", "version": "17.9.3a" }, { "status": "affected", "version": "17.9.4" }, { "status": "affected", "version": "17.9.1y1" }, { "status": "affected", "version": "17.9.5" }, { "status": "affected", "version": "17.9.4a" }, { "status": "affected", "version": "17.9.5a" }, { "status": "affected", "version": "17.9.5b" }, { "status": "affected", "version": "17.9.6" }, { "status": "affected", "version": "17.9.6a" }, { "status": "affected", "version": "17.9.5e" }, { "status": "affected", "version": "17.9.5f" }, { "status": "affected", "version": "17.11.1" }, { "status": "affected", "version": "17.11.1a" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1w" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.12.1x" }, { "status": "affected", "version": "17.12.2" }, { "status": "affected", "version": "17.12.3" }, { "status": "affected", "version": "17.12.2a" }, { "status": "affected", "version": "17.12.1y" }, { "status": "affected", "version": "17.12.1z" }, { "status": "affected", "version": "17.12.4" }, { "status": "affected", "version": "17.12.3a" }, { "status": "affected", "version": "17.12.1z1" }, { "status": "affected", "version": "17.12.4a" }, { "status": "affected", "version": "17.12.4b" }, { "status": "affected", "version": "17.13.1" }, { "status": "affected", "version": "17.13.1a" }, { "status": "affected", "version": "17.14.1" }, { "status": "affected", "version": "17.14.1a" }, { "status": "affected", "version": "17.11.99SW" }, { "status": "affected", "version": "17.15.1" }, { "status": "affected", "version": "17.15.1w" }, { "status": "affected", "version": "17.15.1a" }, { "status": "affected", "version": "17.15.1b" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.\r\n\r This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions.\r\n\r Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "Improper Input Validation", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2025-05-07T17:39:56.836Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-iosxe-privesc-su7scvdp", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp" } ], "source": { "advisory": "cisco-sa-iosxe-privesc-su7scvdp", "defects": [ "CSCwm72787" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2025-20197", "datePublished": "2025-05-07T17:39:56.836Z", "dateReserved": "2024-10-10T19:15:13.227Z", "dateUpdated": "2025-05-08T03:56:18.330Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-20214 (GCVE-0-2025-20214)
Vulnerability from cvelistv5
Published
2025-05-07 17:34
Modified
2025-05-07 19:45
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Summary
A vulnerability in the Network Configuration Access Control Module (NACM) of Cisco IOS XE Software could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or operational data.
This vulnerability exists because a subtle change in inner API call behavior causes results to be filtered incorrectly. An attacker could exploit this vulnerability by using either NETCONF, RESTCONF, or gRPC Network Management Interface (gNMI) protocols and query data on paths that may have been denied by the NACM configuration. A successful exploit could allow the attacker to access data that should have been restricted according to the NACM configuration.
Note: This vulnerability requires that the attacker obtain the credentials from a valid user with privileges lower than 15, and that NACM was configured to provide restricted read access for that user.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco IOS XE Software |
Version: 17.11.1 Version: 17.11.1a Version: 17.12.1 Version: 17.12.1w Version: 17.12.1a Version: 17.12.1x Version: 17.12.2 Version: 17.12.2a Version: 17.12.1y Version: 17.12.1z Version: 17.12.1z1 Version: 17.13.1 Version: 17.13.1a Version: 17.11.99SW |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-20214", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-05-07T18:56:14.822809Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-05-07T19:45:40.776Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "17.11.1" }, { "status": "affected", "version": "17.11.1a" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1w" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.12.1x" }, { "status": "affected", "version": "17.12.2" }, { "status": "affected", "version": "17.12.2a" }, { "status": "affected", "version": "17.12.1y" }, { "status": "affected", "version": "17.12.1z" }, { "status": "affected", "version": "17.12.1z1" }, { "status": "affected", "version": "17.13.1" }, { "status": "affected", "version": "17.13.1a" }, { "status": "affected", "version": "17.11.99SW" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Network Configuration Access Control Module (NACM) of Cisco IOS XE Software could allow an authenticated, remote attacker to obtain unauthorized read access to configuration or operational data.\r\n\r This vulnerability exists because a subtle change in inner API call behavior causes results to be filtered incorrectly. An attacker could exploit this vulnerability by using either NETCONF, RESTCONF, or gRPC Network Management Interface (gNMI) protocols and query data on paths that may have been denied by the NACM configuration. A successful exploit could allow the attacker to access data that should have been restricted according to the NACM configuration.\r\n\r Note: This vulnerability requires that the attacker obtain the credentials from a valid user with privileges lower than 15, and that NACM was configured to provide restricted read access for that user." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-639", "description": "Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2025-05-07T17:34:14.978Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-netconf-nacm-bypass-TGZV9pmQ", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-netconf-nacm-bypass-TGZV9pmQ" } ], "source": { "advisory": "cisco-sa-netconf-nacm-bypass-TGZV9pmQ", "defects": [ "CSCwi33204" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2025-20214", "datePublished": "2025-05-07T17:34:14.978Z", "dateReserved": "2024-10-10T19:15:13.232Z", "dateUpdated": "2025-05-07T19:45:40.776Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-20200 (GCVE-0-2025-20200)
Vulnerability from cvelistv5
Published
2025-05-07 17:44
Modified
2025-05-08 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.
This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions.
Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco IOS XE Software |
Version: 3.7.0S Version: 3.7.1S Version: 3.7.2S Version: 3.7.3S Version: 3.7.4S Version: 3.7.5S Version: 3.7.6S Version: 3.7.7S Version: 3.7.4aS Version: 3.7.2tS Version: 3.7.0bS Version: 3.7.1aS Version: 3.3.0SG Version: 3.3.2SG Version: 3.3.1SG Version: 3.8.0S Version: 3.8.1S Version: 3.8.2S Version: 3.9.1S Version: 3.9.0S Version: 3.9.2S Version: 3.9.1aS Version: 3.9.0aS Version: 3.2.0SE Version: 3.2.1SE Version: 3.2.2SE Version: 3.2.3SE Version: 3.3.0SE Version: 3.3.1SE Version: 3.3.2SE Version: 3.3.3SE Version: 3.3.4SE Version: 3.3.5SE Version: 3.4.0SG Version: 3.4.2SG Version: 3.4.1SG Version: 3.4.3SG Version: 3.4.4SG Version: 3.4.5SG Version: 3.4.6SG Version: 3.4.7SG Version: 3.4.8SG Version: 3.5.0E Version: 3.5.1E Version: 3.5.2E Version: 3.5.3E Version: 3.11.1S Version: 3.11.2S Version: 3.11.0S Version: 3.11.3S Version: 3.11.4S Version: 3.12.0S Version: 3.12.1S Version: 3.12.2S Version: 3.12.3S Version: 3.12.0aS Version: 3.12.4S Version: 3.13.0S Version: 3.13.1S Version: 3.13.2S Version: 3.13.3S Version: 3.13.4S Version: 3.13.5S Version: 3.13.2aS Version: 3.13.0aS Version: 3.13.5aS Version: 3.13.6S Version: 3.13.7S Version: 3.13.6aS Version: 3.13.7aS Version: 3.13.8S Version: 3.13.9S Version: 3.13.10S Version: 3.6.0E Version: 3.6.1E Version: 3.6.2aE Version: 3.6.2E Version: 3.6.3E Version: 3.6.4E Version: 3.6.5E Version: 3.6.6E Version: 3.6.5aE Version: 3.6.5bE Version: 3.6.7E Version: 3.6.8E Version: 3.6.7bE Version: 3.6.9E Version: 3.6.10E Version: 3.14.0S Version: 3.14.1S Version: 3.14.2S Version: 3.14.3S Version: 3.14.4S Version: 3.15.0S Version: 3.15.1S Version: 3.15.2S Version: 3.15.1cS Version: 3.15.3S Version: 3.15.4S Version: 3.7.0E Version: 3.7.1E Version: 3.7.2E Version: 3.7.3E Version: 3.7.4E Version: 3.7.5E Version: 3.16.0S Version: 3.16.1S Version: 3.16.1aS Version: 3.16.2S Version: 3.16.2aS Version: 3.16.0cS Version: 3.16.3S Version: 3.16.2bS Version: 3.16.3aS Version: 3.16.4S Version: 3.16.4aS Version: 3.16.4bS Version: 3.16.5S Version: 3.16.4dS Version: 3.16.6S Version: 3.16.7S Version: 3.16.6bS Version: 3.16.7aS Version: 3.16.7bS Version: 3.16.8S Version: 3.16.9S Version: 3.16.10S Version: 3.17.0S Version: 3.17.1S Version: 3.17.2S Version: 3.17.1aS Version: 3.17.3S Version: 3.17.4S Version: 16.1.1 Version: 16.1.2 Version: 16.1.3 Version: 16.2.1 Version: 16.2.2 Version: 3.8.0E Version: 3.8.1E Version: 3.8.2E Version: 3.8.3E Version: 3.8.4E Version: 3.8.5E Version: 3.8.5aE Version: 3.8.6E Version: 3.8.7E Version: 3.8.8E Version: 3.8.9E Version: 3.8.10E Version: 16.3.1 Version: 16.3.2 Version: 16.3.3 Version: 16.3.1a Version: 16.3.4 Version: 16.3.5 Version: 16.3.5b Version: 16.3.6 Version: 16.3.7 Version: 16.3.8 Version: 16.3.9 Version: 16.3.10 Version: 16.3.11 Version: 16.4.1 Version: 16.4.2 Version: 16.4.3 Version: 16.5.1 Version: 16.5.1a Version: 16.5.1b Version: 16.5.2 Version: 16.5.3 Version: 3.18.0aS Version: 3.18.0S Version: 3.18.1S Version: 3.18.2S Version: 3.18.3S Version: 3.18.4S Version: 3.18.0SP Version: 3.18.1SP Version: 3.18.1aSP Version: 3.18.1bSP Version: 3.18.1cSP Version: 3.18.2SP Version: 3.18.2aSP Version: 3.18.3SP Version: 3.18.4SP Version: 3.18.3aSP Version: 3.18.3bSP Version: 3.18.5SP Version: 3.18.6SP Version: 3.18.7SP Version: 3.18.8aSP Version: 3.18.9SP Version: 3.9.0E Version: 3.9.1E Version: 3.9.2E Version: 16.6.1 Version: 16.6.2 Version: 16.6.3 Version: 16.6.4 Version: 16.6.5 Version: 16.6.4a Version: 16.6.5a Version: 16.6.6 Version: 16.6.7 Version: 16.6.8 Version: 16.6.9 Version: 16.6.10 Version: 16.7.1 Version: 16.7.1a Version: 16.7.1b Version: 16.7.2 Version: 16.7.3 Version: 16.7.4 Version: 16.8.1 Version: 16.8.1a Version: 16.8.1b Version: 16.8.1s Version: 16.8.1c Version: 16.8.1d Version: 16.8.2 Version: 16.8.1e Version: 16.8.3 Version: 16.9.1 Version: 16.9.2 Version: 16.9.1a Version: 16.9.1b Version: 16.9.1s Version: 16.9.3 Version: 16.9.4 Version: 16.9.3a Version: 16.9.5 Version: 16.9.5f Version: 16.9.6 Version: 16.9.7 Version: 16.9.8 Version: 16.10.1 Version: 16.10.1a Version: 16.10.1b Version: 16.10.1s Version: 16.10.1c Version: 16.10.1e Version: 16.10.1d Version: 16.10.2 Version: 16.10.1f Version: 16.10.1g Version: 16.10.3 Version: 3.10.0E Version: 3.10.1E Version: 3.10.0cE Version: 3.10.2E Version: 3.10.3E Version: 16.11.1 Version: 16.11.1a Version: 16.11.1b Version: 16.11.2 Version: 16.11.1s Version: 16.12.1 Version: 16.12.1s Version: 16.12.1a Version: 16.12.1c Version: 16.12.1w Version: 16.12.2 Version: 16.12.1y Version: 16.12.2a Version: 16.12.3 Version: 16.12.8 Version: 16.12.2s Version: 16.12.1x Version: 16.12.1t Version: 16.12.4 Version: 16.12.3s Version: 16.12.3a Version: 16.12.4a Version: 16.12.5 Version: 16.12.6 Version: 16.12.1z1 Version: 16.12.5a Version: 16.12.5b Version: 16.12.1z2 Version: 16.12.6a Version: 16.12.7 Version: 16.12.9 Version: 16.12.10 Version: 16.12.10a Version: 16.12.11 Version: 16.12.12 Version: 3.11.0E Version: 3.11.1E Version: 3.11.2E Version: 3.11.3E Version: 3.11.1aE Version: 3.11.4E Version: 3.11.3aE Version: 3.11.5E Version: 3.11.6E Version: 3.11.7E Version: 3.11.8E Version: 3.11.9E Version: 3.11.10E Version: 3.11.11E Version: 17.1.1 Version: 17.1.1a Version: 17.1.1s Version: 17.1.1t Version: 17.1.3 Version: 17.2.1 Version: 17.2.1r Version: 17.2.1a Version: 17.2.1v Version: 17.2.2 Version: 17.2.3 Version: 17.3.1 Version: 17.3.2 Version: 17.3.3 Version: 17.3.1a Version: 17.3.1w Version: 17.3.2a Version: 17.3.1x Version: 17.3.1z Version: 17.3.4 Version: 17.3.5 Version: 17.3.4a Version: 17.3.6 Version: 17.3.4b Version: 17.3.4c Version: 17.3.5a Version: 17.3.5b Version: 17.3.7 Version: 17.3.8 Version: 17.3.8a Version: 17.4.1 Version: 17.4.2 Version: 17.4.1a Version: 17.4.1b Version: 17.4.2a Version: 17.5.1 Version: 17.5.1a Version: 17.6.1 Version: 17.6.2 Version: 17.6.1w Version: 17.6.1a Version: 17.6.1x Version: 17.6.3 Version: 17.6.1y Version: 17.6.1z Version: 17.6.3a Version: 17.6.4 Version: 17.6.1z1 Version: 17.6.5 Version: 17.6.6 Version: 17.6.6a Version: 17.6.5a Version: 17.6.7 Version: 17.6.8 Version: 17.6.8a Version: 17.7.1 Version: 17.7.1a Version: 17.7.1b Version: 17.7.2 Version: 17.10.1 Version: 17.10.1a Version: 17.10.1b Version: 17.8.1 Version: 17.8.1a Version: 17.9.1 Version: 17.9.1w Version: 17.9.2 Version: 17.9.1a Version: 17.9.1x Version: 17.9.1y Version: 17.9.3 Version: 17.9.2a Version: 17.9.1x1 Version: 17.9.3a Version: 17.9.4 Version: 17.9.1y1 Version: 17.9.5 Version: 17.9.4a Version: 17.9.5a Version: 17.9.5b Version: 17.9.6 Version: 17.9.6a Version: 17.9.5e Version: 17.9.5f Version: 17.11.1 Version: 17.11.1a Version: 17.12.1 Version: 17.12.1w Version: 17.12.1a Version: 17.12.1x Version: 17.12.2 Version: 17.12.3 Version: 17.12.2a Version: 17.12.1y Version: 17.12.1z Version: 17.12.4 Version: 17.12.3a Version: 17.12.1z1 Version: 17.12.4a Version: 17.12.4b Version: 17.13.1 Version: 17.13.1a Version: 17.14.1 Version: 17.14.1a Version: 17.11.99SW Version: 17.15.1 Version: 17.15.1w Version: 17.15.1a Version: 17.15.1b |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-20200", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-05-07T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-05-08T03:56:38.810Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "3.7.0S" }, { "status": "affected", "version": "3.7.1S" }, { "status": "affected", "version": "3.7.2S" }, { "status": "affected", "version": "3.7.3S" }, { "status": "affected", "version": "3.7.4S" }, { "status": "affected", "version": "3.7.5S" }, { "status": "affected", "version": "3.7.6S" }, { "status": "affected", "version": "3.7.7S" }, { "status": "affected", "version": "3.7.4aS" }, { "status": "affected", "version": "3.7.2tS" }, { "status": "affected", "version": "3.7.0bS" }, { "status": "affected", "version": "3.7.1aS" }, { "status": "affected", "version": "3.3.0SG" }, { "status": "affected", "version": "3.3.2SG" }, { "status": "affected", "version": "3.3.1SG" }, { "status": "affected", "version": "3.8.0S" }, { "status": "affected", "version": "3.8.1S" }, { "status": "affected", "version": "3.8.2S" }, { "status": "affected", "version": "3.9.1S" }, { "status": "affected", "version": "3.9.0S" }, { "status": "affected", "version": "3.9.2S" }, { "status": "affected", "version": "3.9.1aS" }, { "status": "affected", "version": "3.9.0aS" }, { "status": "affected", "version": "3.2.0SE" }, { "status": "affected", "version": "3.2.1SE" }, { "status": "affected", "version": "3.2.2SE" }, { "status": "affected", "version": "3.2.3SE" }, { "status": "affected", "version": "3.3.0SE" }, { "status": "affected", "version": "3.3.1SE" }, { "status": "affected", "version": "3.3.2SE" }, { "status": "affected", "version": "3.3.3SE" }, { "status": "affected", "version": "3.3.4SE" }, { "status": "affected", "version": "3.3.5SE" }, { "status": "affected", "version": "3.4.0SG" }, { "status": "affected", "version": "3.4.2SG" }, { "status": "affected", "version": "3.4.1SG" }, { "status": "affected", "version": "3.4.3SG" }, { "status": "affected", "version": "3.4.4SG" }, { "status": "affected", "version": "3.4.5SG" }, { "status": "affected", "version": "3.4.6SG" }, { "status": "affected", "version": "3.4.7SG" }, { "status": "affected", "version": "3.4.8SG" }, { "status": "affected", "version": "3.5.0E" }, { "status": "affected", "version": "3.5.1E" }, { "status": "affected", "version": "3.5.2E" }, { "status": "affected", "version": "3.5.3E" }, { "status": "affected", "version": "3.11.1S" }, { "status": "affected", "version": "3.11.2S" }, { "status": "affected", "version": "3.11.0S" }, { "status": "affected", "version": "3.11.3S" }, { "status": "affected", "version": "3.11.4S" }, { "status": "affected", "version": "3.12.0S" }, { "status": "affected", "version": "3.12.1S" }, { "status": "affected", "version": "3.12.2S" }, { "status": "affected", "version": "3.12.3S" }, { "status": "affected", "version": "3.12.0aS" }, { "status": "affected", "version": "3.12.4S" }, { "status": "affected", "version": "3.13.0S" }, { "status": "affected", "version": "3.13.1S" }, { "status": "affected", "version": "3.13.2S" }, { "status": "affected", "version": "3.13.3S" }, { "status": "affected", "version": "3.13.4S" }, { "status": "affected", "version": "3.13.5S" }, { "status": "affected", "version": "3.13.2aS" }, { "status": "affected", "version": "3.13.0aS" }, { "status": "affected", "version": "3.13.5aS" }, { "status": "affected", "version": "3.13.6S" }, { "status": "affected", "version": "3.13.7S" }, { "status": "affected", "version": "3.13.6aS" }, { "status": "affected", "version": "3.13.7aS" }, { "status": "affected", "version": "3.13.8S" }, { "status": "affected", "version": "3.13.9S" }, { "status": "affected", "version": "3.13.10S" }, { "status": "affected", "version": "3.6.0E" }, { "status": "affected", "version": "3.6.1E" }, { "status": "affected", "version": "3.6.2aE" }, { "status": "affected", "version": "3.6.2E" }, { "status": "affected", "version": "3.6.3E" }, { "status": "affected", "version": "3.6.4E" }, { "status": "affected", "version": "3.6.5E" }, { "status": "affected", "version": "3.6.6E" }, { "status": "affected", "version": "3.6.5aE" }, { "status": "affected", "version": "3.6.5bE" }, { "status": "affected", "version": "3.6.7E" }, { "status": "affected", "version": "3.6.8E" }, { "status": "affected", "version": "3.6.7bE" }, { "status": "affected", "version": "3.6.9E" }, { "status": "affected", "version": "3.6.10E" }, { "status": "affected", "version": "3.14.0S" }, { "status": "affected", "version": "3.14.1S" }, { "status": "affected", "version": "3.14.2S" }, { "status": "affected", "version": "3.14.3S" }, { "status": "affected", "version": "3.14.4S" }, { "status": "affected", "version": "3.15.0S" }, { "status": "affected", "version": "3.15.1S" }, { "status": "affected", "version": "3.15.2S" }, { "status": "affected", "version": "3.15.1cS" }, { "status": "affected", "version": "3.15.3S" }, { "status": "affected", "version": "3.15.4S" }, { "status": "affected", "version": "3.7.0E" }, { "status": "affected", "version": "3.7.1E" }, { "status": "affected", "version": "3.7.2E" }, { "status": "affected", "version": "3.7.3E" }, { "status": "affected", "version": "3.7.4E" }, { "status": "affected", "version": "3.7.5E" }, { "status": "affected", "version": "3.16.0S" }, { "status": "affected", "version": "3.16.1S" }, { "status": "affected", "version": "3.16.1aS" }, { "status": "affected", "version": "3.16.2S" }, { "status": "affected", "version": "3.16.2aS" }, { "status": "affected", "version": "3.16.0cS" }, { "status": "affected", "version": "3.16.3S" }, { "status": "affected", "version": "3.16.2bS" }, { "status": "affected", "version": "3.16.3aS" }, { "status": "affected", "version": "3.16.4S" }, { "status": "affected", "version": "3.16.4aS" }, { "status": "affected", "version": "3.16.4bS" }, { "status": "affected", "version": "3.16.5S" }, { "status": "affected", "version": "3.16.4dS" }, { "status": "affected", "version": "3.16.6S" }, { "status": "affected", "version": "3.16.7S" }, { "status": "affected", "version": "3.16.6bS" }, { "status": "affected", "version": "3.16.7aS" }, { "status": "affected", "version": "3.16.7bS" }, { "status": "affected", "version": "3.16.8S" }, { "status": "affected", "version": "3.16.9S" }, { "status": "affected", "version": "3.16.10S" }, { "status": "affected", "version": "3.17.0S" }, { "status": "affected", "version": "3.17.1S" }, { "status": "affected", "version": "3.17.2S" }, { "status": "affected", "version": "3.17.1aS" }, { "status": "affected", "version": "3.17.3S" }, { "status": "affected", "version": "3.17.4S" }, { "status": "affected", "version": "16.1.1" }, { "status": "affected", "version": "16.1.2" }, { "status": "affected", "version": "16.1.3" }, { "status": "affected", "version": "16.2.1" }, { "status": "affected", "version": "16.2.2" }, { "status": "affected", "version": "3.8.0E" }, { "status": "affected", "version": "3.8.1E" }, { "status": "affected", "version": "3.8.2E" }, { "status": "affected", "version": "3.8.3E" }, { "status": "affected", "version": "3.8.4E" }, { "status": "affected", "version": "3.8.5E" }, { "status": "affected", "version": "3.8.5aE" }, { "status": "affected", "version": "3.8.6E" }, { "status": "affected", "version": "3.8.7E" }, { "status": "affected", "version": "3.8.8E" }, { "status": "affected", "version": "3.8.9E" }, { "status": "affected", "version": "3.8.10E" }, { "status": "affected", "version": "16.3.1" }, { "status": "affected", "version": "16.3.2" }, { "status": "affected", "version": "16.3.3" }, { "status": "affected", "version": "16.3.1a" }, { "status": "affected", "version": "16.3.4" }, { "status": "affected", "version": "16.3.5" }, { "status": "affected", "version": "16.3.5b" }, { "status": "affected", "version": "16.3.6" }, { "status": "affected", "version": "16.3.7" }, { "status": "affected", "version": "16.3.8" }, { "status": "affected", "version": "16.3.9" }, { "status": "affected", "version": "16.3.10" }, { "status": "affected", "version": "16.3.11" }, { "status": "affected", "version": "16.4.1" }, { "status": "affected", "version": "16.4.2" }, { "status": "affected", "version": "16.4.3" }, { "status": "affected", "version": "16.5.1" }, { "status": "affected", "version": "16.5.1a" }, { "status": "affected", "version": "16.5.1b" }, { "status": "affected", "version": "16.5.2" }, { "status": "affected", "version": "16.5.3" }, { "status": "affected", "version": "3.18.0aS" }, { "status": "affected", "version": "3.18.0S" }, { "status": "affected", "version": "3.18.1S" }, { "status": "affected", "version": "3.18.2S" }, { "status": "affected", "version": "3.18.3S" }, { "status": "affected", "version": "3.18.4S" }, { "status": "affected", "version": "3.18.0SP" }, { "status": "affected", "version": "3.18.1SP" }, { "status": "affected", "version": "3.18.1aSP" }, { "status": "affected", "version": "3.18.1bSP" }, { "status": "affected", "version": "3.18.1cSP" }, { "status": "affected", "version": "3.18.2SP" }, { "status": "affected", "version": "3.18.2aSP" }, { "status": "affected", "version": "3.18.3SP" }, { "status": "affected", "version": "3.18.4SP" }, { "status": "affected", "version": "3.18.3aSP" }, { "status": "affected", "version": "3.18.3bSP" }, { "status": "affected", "version": "3.18.5SP" }, { "status": "affected", "version": "3.18.6SP" }, { "status": "affected", "version": "3.18.7SP" }, { "status": "affected", "version": "3.18.8aSP" }, { "status": "affected", "version": "3.18.9SP" }, { "status": "affected", "version": "3.9.0E" }, { "status": "affected", "version": "3.9.1E" }, { "status": "affected", "version": "3.9.2E" }, { "status": "affected", "version": "16.6.1" }, { "status": "affected", "version": "16.6.2" }, { "status": "affected", "version": "16.6.3" }, { "status": "affected", "version": "16.6.4" }, { "status": "affected", "version": "16.6.5" }, { "status": "affected", "version": "16.6.4a" }, { "status": "affected", "version": "16.6.5a" }, { "status": "affected", "version": "16.6.6" }, { "status": "affected", "version": "16.6.7" }, { "status": "affected", "version": "16.6.8" }, { "status": "affected", "version": "16.6.9" }, { "status": "affected", "version": "16.6.10" }, { "status": "affected", "version": "16.7.1" }, { "status": "affected", "version": "16.7.1a" }, { "status": "affected", "version": "16.7.1b" }, { "status": "affected", "version": "16.7.2" }, { "status": "affected", "version": "16.7.3" }, { "status": "affected", "version": "16.7.4" }, { "status": "affected", "version": "16.8.1" }, { "status": "affected", "version": "16.8.1a" }, { "status": "affected", "version": "16.8.1b" }, { "status": "affected", "version": "16.8.1s" }, { "status": "affected", "version": "16.8.1c" }, { "status": "affected", "version": "16.8.1d" }, { "status": "affected", "version": "16.8.2" }, { "status": "affected", "version": "16.8.1e" }, { "status": "affected", "version": "16.8.3" }, { "status": "affected", "version": "16.9.1" }, { "status": "affected", "version": "16.9.2" }, { "status": "affected", "version": "16.9.1a" }, { "status": "affected", "version": "16.9.1b" }, { "status": "affected", "version": "16.9.1s" }, { "status": "affected", "version": "16.9.3" }, { "status": "affected", "version": "16.9.4" }, { "status": "affected", "version": "16.9.3a" }, { "status": "affected", "version": "16.9.5" }, { "status": "affected", "version": "16.9.5f" }, { "status": "affected", "version": "16.9.6" }, { "status": "affected", "version": "16.9.7" }, { "status": "affected", "version": "16.9.8" }, { "status": "affected", "version": "16.10.1" }, { "status": "affected", "version": "16.10.1a" }, { "status": "affected", "version": "16.10.1b" }, { "status": "affected", "version": "16.10.1s" }, { "status": "affected", "version": "16.10.1c" }, { "status": "affected", "version": "16.10.1e" }, { "status": "affected", "version": "16.10.1d" }, { "status": "affected", "version": "16.10.2" }, { "status": "affected", "version": "16.10.1f" }, { "status": "affected", "version": "16.10.1g" }, { "status": "affected", "version": "16.10.3" }, { "status": "affected", "version": "3.10.0E" }, { "status": "affected", "version": "3.10.1E" }, { "status": "affected", "version": "3.10.0cE" }, { "status": "affected", "version": "3.10.2E" }, { "status": "affected", "version": "3.10.3E" }, { "status": "affected", "version": "16.11.1" }, { "status": "affected", "version": "16.11.1a" }, { "status": "affected", "version": "16.11.1b" }, { "status": "affected", "version": "16.11.2" }, { "status": "affected", "version": "16.11.1s" }, { "status": "affected", "version": "16.12.1" }, { "status": "affected", "version": "16.12.1s" }, { "status": "affected", "version": "16.12.1a" }, { "status": "affected", "version": "16.12.1c" }, { "status": "affected", "version": "16.12.1w" }, { "status": "affected", "version": "16.12.2" }, { "status": "affected", "version": "16.12.1y" }, { "status": "affected", "version": "16.12.2a" }, { "status": "affected", "version": "16.12.3" }, { "status": "affected", "version": "16.12.8" }, { "status": "affected", "version": "16.12.2s" }, { "status": "affected", "version": "16.12.1x" }, { "status": "affected", "version": "16.12.1t" }, { "status": "affected", "version": "16.12.4" }, { "status": "affected", "version": "16.12.3s" }, { "status": "affected", "version": "16.12.3a" }, { "status": "affected", "version": "16.12.4a" }, { "status": "affected", "version": "16.12.5" }, { "status": "affected", "version": "16.12.6" }, { "status": "affected", "version": "16.12.1z1" }, { "status": "affected", "version": "16.12.5a" }, { "status": "affected", "version": "16.12.5b" }, { "status": "affected", "version": "16.12.1z2" }, { "status": "affected", "version": "16.12.6a" }, { "status": "affected", "version": "16.12.7" }, { "status": "affected", "version": "16.12.9" }, { "status": "affected", "version": "16.12.10" }, { "status": "affected", "version": "16.12.10a" }, { "status": "affected", "version": "16.12.11" }, { "status": "affected", "version": "16.12.12" }, { "status": "affected", "version": "3.11.0E" }, { "status": "affected", "version": "3.11.1E" }, { "status": "affected", "version": "3.11.2E" }, { "status": "affected", "version": "3.11.3E" }, { "status": "affected", "version": "3.11.1aE" }, { "status": "affected", "version": "3.11.4E" }, { "status": "affected", "version": "3.11.3aE" }, { "status": "affected", "version": "3.11.5E" }, { "status": "affected", "version": "3.11.6E" }, { "status": "affected", "version": "3.11.7E" }, { "status": "affected", "version": "3.11.8E" }, { "status": "affected", "version": "3.11.9E" }, { "status": "affected", "version": "3.11.10E" }, { "status": "affected", "version": "3.11.11E" }, { "status": "affected", "version": "17.1.1" }, { "status": "affected", "version": "17.1.1a" }, { "status": "affected", "version": "17.1.1s" }, { "status": "affected", "version": "17.1.1t" }, { "status": "affected", "version": "17.1.3" }, { "status": "affected", "version": "17.2.1" }, { "status": "affected", "version": "17.2.1r" }, { "status": "affected", "version": "17.2.1a" }, { "status": "affected", "version": "17.2.1v" }, { "status": "affected", "version": "17.2.2" }, { "status": "affected", "version": "17.2.3" }, { "status": "affected", "version": "17.3.1" }, { "status": "affected", "version": "17.3.2" }, { "status": "affected", "version": "17.3.3" }, { "status": "affected", "version": "17.3.1a" }, { "status": "affected", "version": "17.3.1w" }, { "status": "affected", "version": "17.3.2a" }, { "status": "affected", "version": "17.3.1x" }, { "status": "affected", "version": "17.3.1z" }, { "status": "affected", "version": "17.3.4" }, { "status": "affected", "version": "17.3.5" }, { "status": "affected", "version": "17.3.4a" }, { "status": "affected", "version": "17.3.6" }, { "status": "affected", "version": "17.3.4b" }, { "status": "affected", "version": "17.3.4c" }, { "status": "affected", "version": "17.3.5a" }, { "status": "affected", "version": "17.3.5b" }, { "status": "affected", "version": "17.3.7" }, { "status": "affected", "version": "17.3.8" }, { "status": "affected", "version": "17.3.8a" }, { "status": "affected", "version": "17.4.1" }, { "status": "affected", "version": "17.4.2" }, { "status": "affected", "version": "17.4.1a" }, { "status": "affected", "version": "17.4.1b" }, { "status": "affected", "version": "17.4.2a" }, { "status": "affected", "version": "17.5.1" }, { "status": "affected", "version": "17.5.1a" }, { "status": "affected", "version": "17.6.1" }, { "status": "affected", "version": "17.6.2" }, { "status": "affected", "version": "17.6.1w" }, { "status": "affected", "version": "17.6.1a" }, { "status": "affected", "version": "17.6.1x" }, { "status": "affected", "version": "17.6.3" }, { "status": "affected", "version": "17.6.1y" }, { "status": "affected", "version": "17.6.1z" }, { "status": "affected", "version": "17.6.3a" }, { "status": "affected", "version": "17.6.4" }, { "status": "affected", "version": "17.6.1z1" }, { "status": "affected", "version": "17.6.5" }, { "status": "affected", "version": "17.6.6" }, { "status": "affected", "version": "17.6.6a" }, { "status": "affected", "version": "17.6.5a" }, { "status": "affected", "version": "17.6.7" }, { "status": "affected", "version": "17.6.8" }, { "status": "affected", "version": "17.6.8a" }, { "status": "affected", "version": "17.7.1" }, { "status": "affected", "version": "17.7.1a" }, { "status": "affected", "version": "17.7.1b" }, { "status": "affected", "version": "17.7.2" }, { "status": "affected", "version": "17.10.1" }, { "status": "affected", "version": "17.10.1a" }, { "status": "affected", "version": "17.10.1b" }, { "status": "affected", "version": "17.8.1" }, { "status": "affected", "version": "17.8.1a" }, { "status": "affected", "version": "17.9.1" }, { "status": "affected", "version": "17.9.1w" }, { "status": "affected", "version": "17.9.2" }, { "status": "affected", "version": "17.9.1a" }, { "status": "affected", "version": "17.9.1x" }, { "status": "affected", "version": "17.9.1y" }, { "status": "affected", "version": "17.9.3" }, { "status": "affected", "version": "17.9.2a" }, { "status": "affected", "version": "17.9.1x1" }, { "status": "affected", "version": "17.9.3a" }, { "status": "affected", "version": "17.9.4" }, { "status": "affected", "version": "17.9.1y1" }, { "status": "affected", "version": "17.9.5" }, { "status": "affected", "version": "17.9.4a" }, { "status": "affected", "version": "17.9.5a" }, { "status": "affected", "version": "17.9.5b" }, { "status": "affected", "version": "17.9.6" }, { "status": "affected", "version": "17.9.6a" }, { "status": "affected", "version": "17.9.5e" }, { "status": "affected", "version": "17.9.5f" }, { "status": "affected", "version": "17.11.1" }, { "status": "affected", "version": "17.11.1a" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1w" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.12.1x" }, { "status": "affected", "version": "17.12.2" }, { "status": "affected", "version": "17.12.3" }, { "status": "affected", "version": "17.12.2a" }, { "status": "affected", "version": "17.12.1y" }, { "status": "affected", "version": "17.12.1z" }, { "status": "affected", "version": "17.12.4" }, { "status": "affected", "version": "17.12.3a" }, { "status": "affected", "version": "17.12.1z1" }, { "status": "affected", "version": "17.12.4a" }, { "status": "affected", "version": "17.12.4b" }, { "status": "affected", "version": "17.13.1" }, { "status": "affected", "version": "17.13.1a" }, { "status": "affected", "version": "17.14.1" }, { "status": "affected", "version": "17.14.1a" }, { "status": "affected", "version": "17.11.99SW" }, { "status": "affected", "version": "17.15.1" }, { "status": "affected", "version": "17.15.1w" }, { "status": "affected", "version": "17.15.1a" }, { "status": "affected", "version": "17.15.1b" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability\u00a0in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.\r\n\r This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions.\r\n\r Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-754", "description": "Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2025-05-07T17:44:05.895Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-iosxe-privesc-su7scvdp", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp" } ], "source": { "advisory": "cisco-sa-iosxe-privesc-su7scvdp", "defects": [ "CSCwm68661" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2025-20200", "datePublished": "2025-05-07T17:44:05.895Z", "dateReserved": "2024-10-10T19:15:13.227Z", "dateUpdated": "2025-05-08T03:56:38.810Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-20162 (GCVE-0-2025-20162)
Vulnerability from cvelistv5
Published
2025-05-07 17:38
Modified
2025-05-07 19:42
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Summary
A vulnerability in the DHCP snooping security feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a full interface queue wedge, which could result in a denial of service (DoS) condition.
This vulnerability is due to improper handling of DHCP request packets. An attacker could exploit this vulnerability by sending DHCP request packets to an affected device. A successful exploit could allow the attacker to cause packets to wedge in the queue, creating a DoS condition for downstream devices of the affected system and requiring that the system restart to drain the queue.
Note: This vulnerability can be exploited with either unicast or broadcast DHCP packets on a VLAN that does not have DHCP snooping enabled.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco IOS XE Software |
Version: 16.11.1 Version: 16.11.1a Version: 16.11.2 Version: 16.11.1s Version: 16.12.1 Version: 16.12.1s Version: 16.12.1a Version: 16.12.1c Version: 16.12.2 Version: 16.12.3 Version: 16.12.8 Version: 16.12.2s Version: 16.12.4 Version: 16.12.3s Version: 16.12.5 Version: 16.12.6 Version: 16.12.7 Version: 17.1.1 Version: 17.1.1s Version: 17.1.1t Version: 17.1.3 Version: 17.2.1 Version: 17.2.1r Version: 17.2.1v Version: 17.2.2 Version: 17.2.3 Version: 17.3.1 Version: 17.3.2 Version: 17.3.3 Version: 17.3.1a Version: 17.3.4 Version: 17.3.5 Version: 17.3.4a Version: 17.3.6 Version: 17.3.7 Version: 17.3.8 Version: 17.3.8a Version: 17.4.1 Version: 17.4.2 Version: 17.4.1a Version: 17.4.1b Version: 17.5.1 Version: 17.5.1a Version: 17.6.1 Version: 17.6.2 Version: 17.6.1a Version: 17.6.3 Version: 17.6.1y Version: 17.6.3a Version: 17.6.4 Version: 17.6.5 Version: 17.6.6 Version: 17.6.6a Version: 17.6.5a Version: 17.6.7 Version: 17.6.8 Version: 17.6.8a Version: 17.7.1 Version: 17.7.1a Version: 17.7.2 Version: 17.10.1 Version: 17.10.1a Version: 17.8.1 Version: 17.8.1a Version: 17.9.1 Version: 17.9.2 Version: 17.9.1a Version: 17.9.3 Version: 17.9.2a Version: 17.9.3a Version: 17.9.4 Version: 17.9.5 Version: 17.9.4a Version: 17.9.5a Version: 17.9.6 Version: 17.9.5e Version: 17.9.5f Version: 17.11.1 Version: 17.11.1a Version: 17.12.1 Version: 17.12.1a Version: 17.12.2 Version: 17.12.3 Version: 17.12.4 Version: 17.12.3a Version: 17.12.4a Version: 17.12.4b Version: 17.13.1 Version: 17.13.1a Version: 17.14.1 Version: 17.14.1a Version: 17.15.1 Version: 17.15.1a |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-20162", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-05-07T18:56:53.926637Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-05-07T19:42:11.086Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "16.11.1" }, { "status": "affected", "version": "16.11.1a" }, { "status": "affected", "version": "16.11.2" }, { "status": "affected", "version": "16.11.1s" }, { "status": "affected", "version": "16.12.1" }, { "status": "affected", "version": "16.12.1s" }, { "status": "affected", "version": "16.12.1a" }, { "status": "affected", "version": "16.12.1c" }, { "status": "affected", "version": "16.12.2" }, { "status": "affected", "version": "16.12.3" }, { "status": "affected", "version": "16.12.8" }, { "status": "affected", "version": "16.12.2s" }, { "status": "affected", "version": "16.12.4" }, { "status": "affected", "version": "16.12.3s" }, { "status": "affected", "version": "16.12.5" }, { "status": "affected", "version": "16.12.6" }, { "status": "affected", "version": "16.12.7" }, { "status": "affected", "version": "17.1.1" }, { "status": "affected", "version": "17.1.1s" }, { "status": "affected", "version": "17.1.1t" }, { "status": "affected", "version": "17.1.3" }, { "status": "affected", "version": "17.2.1" }, { "status": "affected", "version": "17.2.1r" }, { "status": "affected", "version": "17.2.1v" }, { "status": "affected", "version": "17.2.2" }, { "status": "affected", "version": "17.2.3" }, { "status": "affected", "version": "17.3.1" }, { "status": "affected", "version": "17.3.2" }, { "status": "affected", "version": "17.3.3" }, { "status": "affected", "version": "17.3.1a" }, { "status": "affected", "version": "17.3.4" }, { "status": "affected", "version": "17.3.5" }, { "status": "affected", "version": "17.3.4a" }, { "status": "affected", "version": "17.3.6" }, { "status": "affected", "version": "17.3.7" }, { "status": "affected", "version": "17.3.8" }, { "status": "affected", "version": "17.3.8a" }, { "status": "affected", "version": "17.4.1" }, { "status": "affected", "version": "17.4.2" }, { "status": "affected", "version": "17.4.1a" }, { "status": "affected", "version": "17.4.1b" }, { "status": "affected", "version": "17.5.1" }, { "status": "affected", "version": "17.5.1a" }, { "status": "affected", "version": "17.6.1" }, { "status": "affected", "version": "17.6.2" }, { "status": "affected", "version": "17.6.1a" }, { "status": "affected", "version": "17.6.3" }, { "status": "affected", "version": "17.6.1y" }, { "status": "affected", "version": "17.6.3a" }, { "status": "affected", "version": "17.6.4" }, { "status": "affected", "version": "17.6.5" }, { "status": "affected", "version": "17.6.6" }, { "status": "affected", "version": "17.6.6a" }, { "status": "affected", "version": "17.6.5a" }, { "status": "affected", "version": "17.6.7" }, { "status": "affected", "version": "17.6.8" }, { "status": "affected", "version": "17.6.8a" }, { "status": "affected", "version": "17.7.1" }, { "status": "affected", "version": "17.7.1a" }, { "status": "affected", "version": "17.7.2" }, { "status": "affected", "version": "17.10.1" }, { "status": "affected", "version": "17.10.1a" }, { "status": "affected", "version": "17.8.1" }, { "status": "affected", "version": "17.8.1a" }, { "status": "affected", "version": "17.9.1" }, { "status": "affected", "version": "17.9.2" }, { "status": "affected", "version": "17.9.1a" }, { "status": "affected", "version": "17.9.3" }, { "status": "affected", "version": "17.9.2a" }, { "status": "affected", "version": "17.9.3a" }, { "status": "affected", "version": "17.9.4" }, { "status": "affected", "version": "17.9.5" }, { "status": "affected", "version": "17.9.4a" }, { "status": "affected", "version": "17.9.5a" }, { "status": "affected", "version": "17.9.6" }, { "status": "affected", "version": "17.9.5e" }, { "status": "affected", "version": "17.9.5f" }, { "status": "affected", "version": "17.11.1" }, { "status": "affected", "version": "17.11.1a" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.12.2" }, { "status": "affected", "version": "17.12.3" }, { "status": "affected", "version": "17.12.4" }, { "status": "affected", "version": "17.12.3a" }, { "status": "affected", "version": "17.12.4a" }, { "status": "affected", "version": "17.12.4b" }, { "status": "affected", "version": "17.13.1" }, { "status": "affected", "version": "17.13.1a" }, { "status": "affected", "version": "17.14.1" }, { "status": "affected", "version": "17.14.1a" }, { "status": "affected", "version": "17.15.1" }, { "status": "affected", "version": "17.15.1a" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the DHCP snooping security feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a full interface queue wedge, which could result in a denial of service (DoS) condition.\r\n\r This vulnerability is due to improper handling of DHCP request packets. An attacker could exploit this vulnerability by sending DHCP request packets to an affected device. A successful exploit could allow the attacker to cause packets to wedge in the queue, creating a DoS condition for downstream devices of the affected system and requiring that the system restart to drain the queue.\r\n\r Note: This vulnerability can be exploited with either unicast or broadcast DHCP packets on a VLAN that does not have DHCP snooping enabled." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.6, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-400", "description": "Uncontrolled Resource Consumption", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2025-05-07T17:38:25.634Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-iosxe-dhcpsn-dos-xBn8Mtks", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcpsn-dos-xBn8Mtks" } ], "source": { "advisory": "cisco-sa-iosxe-dhcpsn-dos-xBn8Mtks", "defects": [ "CSCwm45385" ], "discovery": "EXTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2025-20162", "datePublished": "2025-05-07T17:38:25.634Z", "dateReserved": "2024-10-10T19:15:13.217Z", "dateUpdated": "2025-05-07T19:42:11.086Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-20155 (GCVE-0-2025-20155)
Vulnerability from cvelistv5
Published
2025-05-07 17:37
Modified
2025-05-08 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Summary
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system.
This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is first deployed in SD-WAN mode or when an administrator configures SD-Routing on the device. An attacker could exploit this vulnerability by modifying a bootstrap file generated by Cisco Catalyst SD-WAN Manager, loading it into the device flash, and then either reloading the device in a green field deployment in SD-WAN mode or configuring the device with SD-Routing. A successful exploit could allow the attacker to perform arbitrary file writes to the underlying operating system.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco IOS XE Software |
Version: 17.9.4 Version: 17.9.5 Version: 17.9.4a Version: 17.9.5a Version: 17.9.5b Version: 17.9.6 Version: 17.9.6a Version: 17.9.5e Version: 17.9.5f Version: 17.12.1 Version: 17.12.1w Version: 17.12.1a Version: 17.12.1x Version: 17.12.2 Version: 17.12.3 Version: 17.12.2a Version: 17.12.1y Version: 17.12.1z Version: 17.12.4 Version: 17.12.3a Version: 17.12.1z1 Version: 17.12.4a Version: 17.12.4b Version: 17.13.1 Version: 17.13.1a Version: 17.14.1 Version: 17.14.1a Version: 17.11.99SW |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-20155", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-05-07T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-05-08T03:56:34.728Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "17.9.4" }, { "status": "affected", "version": "17.9.5" }, { "status": "affected", "version": "17.9.4a" }, { "status": "affected", "version": "17.9.5a" }, { "status": "affected", "version": "17.9.5b" }, { "status": "affected", "version": "17.9.6" }, { "status": "affected", "version": "17.9.6a" }, { "status": "affected", "version": "17.9.5e" }, { "status": "affected", "version": "17.9.5f" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1w" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.12.1x" }, { "status": "affected", "version": "17.12.2" }, { "status": "affected", "version": "17.12.3" }, { "status": "affected", "version": "17.12.2a" }, { "status": "affected", "version": "17.12.1y" }, { "status": "affected", "version": "17.12.1z" }, { "status": "affected", "version": "17.12.4" }, { "status": "affected", "version": "17.12.3a" }, { "status": "affected", "version": "17.12.1z1" }, { "status": "affected", "version": "17.12.4a" }, { "status": "affected", "version": "17.12.4b" }, { "status": "affected", "version": "17.13.1" }, { "status": "affected", "version": "17.13.1a" }, { "status": "affected", "version": "17.14.1" }, { "status": "affected", "version": "17.14.1a" }, { "status": "affected", "version": "17.11.99SW" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system.\r\n\r This vulnerability is due to insufficient input validation of the bootstrap file that is read by the system software when a device is first deployed in SD-WAN mode or when an administrator configures SD-Routing on the device. An attacker could exploit this vulnerability by modifying a bootstrap file generated by Cisco Catalyst SD-WAN Manager, loading it into the device flash, and then either reloading the device in a green field deployment in SD-WAN mode or configuring the device with SD-Routing. A successful exploit could allow the attacker to perform arbitrary file writes to the underlying operating system." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1287", "description": "Improper Validation of Specified Type of Input", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2025-05-07T17:37:05.984Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-bootstrap-KfgxYgdh", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bootstrap-KfgxYgdh" } ], "source": { "advisory": "cisco-sa-bootstrap-KfgxYgdh", "defects": [ "CSCwj60286" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2025-20155", "datePublished": "2025-05-07T17:37:05.984Z", "dateReserved": "2024-10-10T19:15:13.216Z", "dateUpdated": "2025-05-08T03:56:34.728Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-20192 (GCVE-0-2025-20192)
Vulnerability from cvelistv5
Published
2025-05-07 17:36
Modified
2025-05-07 19:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-232 - Improper Handling of Undefined Values
Summary
A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The attacker must have valid IKEv1 VPN credentials to exploit this vulnerability.
This vulnerability is due to improper validation of IKEv1 phase 2 parameters before the IPsec security association creation request is handed off to the hardware cryptographic accelerator of an affected device. An attacker could exploit this vulnerability by sending crafted IKEv1 messages to the affected device. A successful exploit could allow the attacker to cause the device to reload.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco IOS XE Software |
Version: 3.13.0S Version: 3.13.1S Version: 3.13.2S Version: 3.13.3S Version: 3.13.4S Version: 3.13.5S Version: 3.13.6S Version: 3.13.7S Version: 3.13.6aS Version: 3.13.8S Version: 3.13.9S Version: 3.13.10S Version: 3.14.0S Version: 3.14.1S Version: 3.14.2S Version: 3.14.3S Version: 3.14.4S Version: 3.15.0S Version: 3.15.1S Version: 3.15.2S Version: 3.15.1cS Version: 3.15.3S Version: 3.15.4S Version: 3.16.0S Version: 3.16.1aS Version: 3.16.2S Version: 3.16.0cS Version: 3.16.3S Version: 3.16.4aS Version: 3.16.4bS Version: 3.16.5S Version: 3.16.4dS Version: 3.16.6S Version: 3.16.7S Version: 3.16.6bS Version: 3.16.7aS Version: 3.16.7bS Version: 3.16.8S Version: 3.16.9S Version: 3.16.10S Version: 3.17.0S Version: 3.17.1S Version: 3.17.2S Version: 3.17.3S Version: 3.17.4S Version: 16.2.1 Version: 16.2.2 Version: 16.3.1 Version: 16.3.2 Version: 16.3.3 Version: 16.3.1a Version: 16.3.4 Version: 16.3.5 Version: 16.3.6 Version: 16.3.7 Version: 16.3.8 Version: 16.3.9 Version: 16.3.10 Version: 16.3.11 Version: 16.4.1 Version: 16.4.2 Version: 16.4.3 Version: 16.5.1 Version: 16.5.1b Version: 16.5.2 Version: 16.5.3 Version: 3.18.2aSP Version: 16.6.1 Version: 16.6.2 Version: 16.6.3 Version: 16.6.4 Version: 16.6.5 Version: 16.6.6 Version: 16.6.7 Version: 16.6.8 Version: 16.6.9 Version: 16.6.10 Version: 16.7.1 Version: 16.7.2 Version: 16.7.3 Version: 16.8.1 Version: 16.8.1s Version: 16.8.2 Version: 16.8.3 Version: 16.9.1 Version: 16.9.2 Version: 16.9.1s Version: 16.9.3 Version: 16.9.4 Version: 16.9.5 Version: 16.9.6 Version: 16.9.7 Version: 16.9.8 Version: 16.10.1 Version: 16.10.1a Version: 16.10.1b Version: 16.10.1s Version: 16.10.1e Version: 16.10.2 Version: 16.10.3 Version: 16.11.1 Version: 16.11.1a Version: 16.11.2 Version: 16.11.1s Version: 16.12.1 Version: 16.12.1s Version: 16.12.1a Version: 16.12.1c Version: 16.12.2 Version: 16.12.3 Version: 16.12.8 Version: 16.12.2s Version: 16.12.4 Version: 16.12.3s Version: 16.12.5 Version: 16.12.6 Version: 16.12.7 Version: 17.1.1 Version: 17.1.1s Version: 17.1.1t Version: 17.1.3 Version: 17.2.1 Version: 17.2.1r Version: 17.2.1v Version: 17.2.2 Version: 17.2.3 Version: 17.3.1 Version: 17.3.2 Version: 17.3.3 Version: 17.3.1a Version: 17.3.4 Version: 17.3.5 Version: 17.3.4a Version: 17.3.6 Version: 17.3.7 Version: 17.3.8 Version: 17.3.8a Version: 17.4.1 Version: 17.4.2 Version: 17.4.1a Version: 17.4.1b Version: 17.5.1 Version: 17.5.1a Version: 17.6.1 Version: 17.6.2 Version: 17.6.1a Version: 17.6.3 Version: 17.6.1y Version: 17.6.3a Version: 17.6.4 Version: 17.6.5 Version: 17.6.6 Version: 17.6.6a Version: 17.6.5a Version: 17.6.7 Version: 17.6.8 Version: 17.6.8a Version: 17.7.1 Version: 17.7.1a Version: 17.7.2 Version: 17.10.1 Version: 17.10.1a Version: 17.8.1 Version: 17.8.1a Version: 17.9.1 Version: 17.9.2 Version: 17.9.1a Version: 17.9.3 Version: 17.9.2a Version: 17.9.3a Version: 17.9.4 Version: 17.9.5 Version: 17.9.4a Version: 17.9.5a Version: 17.9.5b Version: 17.9.5e Version: 17.9.5f Version: 17.11.1 Version: 17.11.1a Version: 17.12.1 Version: 17.12.1a Version: 17.12.2 Version: 17.12.3 Version: 17.12.2a Version: 17.12.3a Version: 17.13.1 Version: 17.13.1a Version: 17.14.1 Version: 17.14.1a |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-20192", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-05-07T18:56:00.580521Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-05-07T19:43:26.883Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "3.13.0S" }, { "status": "affected", "version": "3.13.1S" }, { "status": "affected", "version": "3.13.2S" }, { "status": "affected", "version": "3.13.3S" }, { "status": "affected", "version": "3.13.4S" }, { "status": "affected", "version": "3.13.5S" }, { "status": "affected", "version": "3.13.6S" }, { "status": "affected", "version": "3.13.7S" }, { "status": "affected", "version": "3.13.6aS" }, { "status": "affected", "version": "3.13.8S" }, { "status": "affected", "version": "3.13.9S" }, { "status": "affected", "version": "3.13.10S" }, { "status": "affected", "version": "3.14.0S" }, { "status": "affected", "version": "3.14.1S" }, { "status": "affected", "version": "3.14.2S" }, { "status": "affected", "version": "3.14.3S" }, { "status": "affected", "version": "3.14.4S" }, { "status": "affected", "version": "3.15.0S" }, { "status": "affected", "version": "3.15.1S" }, { "status": "affected", "version": "3.15.2S" }, { "status": "affected", "version": "3.15.1cS" }, { "status": "affected", "version": "3.15.3S" }, { "status": "affected", "version": "3.15.4S" }, { "status": "affected", "version": "3.16.0S" }, { "status": "affected", "version": "3.16.1aS" }, { "status": "affected", "version": "3.16.2S" }, { "status": "affected", "version": "3.16.0cS" }, { "status": "affected", "version": "3.16.3S" }, { "status": "affected", "version": "3.16.4aS" }, { "status": "affected", "version": "3.16.4bS" }, { "status": "affected", "version": "3.16.5S" }, { "status": "affected", "version": "3.16.4dS" }, { "status": "affected", "version": "3.16.6S" }, { "status": "affected", "version": "3.16.7S" }, { "status": "affected", "version": "3.16.6bS" }, { "status": "affected", "version": "3.16.7aS" }, { "status": "affected", "version": "3.16.7bS" }, { "status": "affected", "version": "3.16.8S" }, { "status": "affected", "version": "3.16.9S" }, { "status": "affected", "version": "3.16.10S" }, { "status": "affected", "version": "3.17.0S" }, { "status": "affected", "version": "3.17.1S" }, { "status": "affected", "version": "3.17.2S" }, { "status": "affected", "version": "3.17.3S" }, { "status": "affected", "version": "3.17.4S" }, { "status": "affected", "version": "16.2.1" }, { "status": "affected", "version": "16.2.2" }, { "status": "affected", "version": "16.3.1" }, { "status": "affected", "version": "16.3.2" }, { "status": "affected", "version": "16.3.3" }, { "status": "affected", "version": "16.3.1a" }, { "status": "affected", "version": "16.3.4" }, { "status": "affected", "version": "16.3.5" }, { "status": "affected", "version": "16.3.6" }, { "status": "affected", "version": "16.3.7" }, { "status": "affected", "version": "16.3.8" }, { "status": "affected", "version": "16.3.9" }, { "status": "affected", "version": "16.3.10" }, { "status": "affected", "version": "16.3.11" }, { "status": "affected", "version": "16.4.1" }, { "status": "affected", "version": "16.4.2" }, { "status": "affected", "version": "16.4.3" }, { "status": "affected", "version": "16.5.1" }, { "status": "affected", "version": "16.5.1b" }, { "status": "affected", "version": "16.5.2" }, { "status": "affected", "version": "16.5.3" }, { "status": "affected", "version": "3.18.2aSP" }, { "status": "affected", "version": "16.6.1" }, { "status": "affected", "version": "16.6.2" }, { "status": "affected", "version": "16.6.3" }, { "status": "affected", "version": "16.6.4" }, { "status": "affected", "version": "16.6.5" }, { "status": "affected", "version": "16.6.6" }, { "status": "affected", "version": "16.6.7" }, { "status": "affected", "version": "16.6.8" }, { "status": "affected", "version": "16.6.9" }, { "status": "affected", "version": "16.6.10" }, { "status": "affected", "version": "16.7.1" }, { "status": "affected", "version": "16.7.2" }, { "status": "affected", "version": "16.7.3" }, { "status": "affected", "version": "16.8.1" }, { "status": "affected", "version": "16.8.1s" }, { "status": "affected", "version": "16.8.2" }, { "status": "affected", "version": "16.8.3" }, { "status": "affected", "version": "16.9.1" }, { "status": "affected", "version": "16.9.2" }, { "status": "affected", "version": "16.9.1s" }, { "status": "affected", "version": "16.9.3" }, { "status": "affected", "version": "16.9.4" }, { "status": "affected", "version": "16.9.5" }, { "status": "affected", "version": "16.9.6" }, { "status": "affected", "version": "16.9.7" }, { "status": "affected", "version": "16.9.8" }, { "status": "affected", "version": "16.10.1" }, { "status": "affected", "version": "16.10.1a" }, { "status": "affected", "version": "16.10.1b" }, { "status": "affected", "version": "16.10.1s" }, { "status": "affected", "version": "16.10.1e" }, { "status": "affected", "version": "16.10.2" }, { "status": "affected", "version": "16.10.3" }, { "status": "affected", "version": "16.11.1" }, { "status": "affected", "version": "16.11.1a" }, { "status": "affected", "version": "16.11.2" }, { "status": "affected", "version": "16.11.1s" }, { "status": "affected", "version": "16.12.1" }, { "status": "affected", "version": "16.12.1s" }, { "status": "affected", "version": "16.12.1a" }, { "status": "affected", "version": "16.12.1c" }, { "status": "affected", "version": "16.12.2" }, { "status": "affected", "version": "16.12.3" }, { "status": "affected", "version": "16.12.8" }, { "status": "affected", "version": "16.12.2s" }, { "status": "affected", "version": "16.12.4" }, { "status": "affected", "version": "16.12.3s" }, { "status": "affected", "version": "16.12.5" }, { "status": "affected", "version": "16.12.6" }, { "status": "affected", "version": "16.12.7" }, { "status": "affected", "version": "17.1.1" }, { "status": "affected", "version": "17.1.1s" }, { "status": "affected", "version": "17.1.1t" }, { "status": "affected", "version": "17.1.3" }, { "status": "affected", "version": "17.2.1" }, { "status": "affected", "version": "17.2.1r" }, { "status": "affected", "version": "17.2.1v" }, { "status": "affected", "version": "17.2.2" }, { "status": "affected", "version": "17.2.3" }, { "status": "affected", "version": "17.3.1" }, { "status": "affected", "version": "17.3.2" }, { "status": "affected", "version": "17.3.3" }, { "status": "affected", "version": "17.3.1a" }, { "status": "affected", "version": "17.3.4" }, { "status": "affected", "version": "17.3.5" }, { "status": "affected", "version": "17.3.4a" }, { "status": "affected", "version": "17.3.6" }, { "status": "affected", "version": "17.3.7" }, { "status": "affected", "version": "17.3.8" }, { "status": "affected", "version": "17.3.8a" }, { "status": "affected", "version": "17.4.1" }, { "status": "affected", "version": "17.4.2" }, { "status": "affected", "version": "17.4.1a" }, { "status": "affected", "version": "17.4.1b" }, { "status": "affected", "version": "17.5.1" }, { "status": "affected", "version": "17.5.1a" }, { "status": "affected", "version": "17.6.1" }, { "status": "affected", "version": "17.6.2" }, { "status": "affected", "version": "17.6.1a" }, { "status": "affected", "version": "17.6.3" }, { "status": "affected", "version": "17.6.1y" }, { "status": "affected", "version": "17.6.3a" }, { "status": "affected", "version": "17.6.4" }, { "status": "affected", "version": "17.6.5" }, { "status": "affected", "version": "17.6.6" }, { "status": "affected", "version": "17.6.6a" }, { "status": "affected", "version": "17.6.5a" }, { "status": "affected", "version": "17.6.7" }, { "status": "affected", "version": "17.6.8" }, { "status": "affected", "version": "17.6.8a" }, { "status": "affected", "version": "17.7.1" }, { "status": "affected", "version": "17.7.1a" }, { "status": "affected", "version": "17.7.2" }, { "status": "affected", "version": "17.10.1" }, { "status": "affected", "version": "17.10.1a" }, { "status": "affected", "version": "17.8.1" }, { "status": "affected", "version": "17.8.1a" }, { "status": "affected", "version": "17.9.1" }, { "status": "affected", "version": "17.9.2" }, { "status": "affected", "version": "17.9.1a" }, { "status": "affected", "version": "17.9.3" }, { "status": "affected", "version": "17.9.2a" }, { "status": "affected", "version": "17.9.3a" }, { "status": "affected", "version": "17.9.4" }, { "status": "affected", "version": "17.9.5" }, { "status": "affected", "version": "17.9.4a" }, { "status": "affected", "version": "17.9.5a" }, { "status": "affected", "version": "17.9.5b" }, { "status": "affected", "version": "17.9.5e" }, { "status": "affected", "version": "17.9.5f" }, { "status": "affected", "version": "17.11.1" }, { "status": "affected", "version": "17.11.1a" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.12.2" }, { "status": "affected", "version": "17.12.3" }, { "status": "affected", "version": "17.12.2a" }, { "status": "affected", "version": "17.12.3a" }, { "status": "affected", "version": "17.13.1" }, { "status": "affected", "version": "17.13.1a" }, { "status": "affected", "version": "17.14.1" }, { "status": "affected", "version": "17.14.1a" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability in the Internet Key Exchange version 1 (IKEv1) implementation of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The attacker must have valid IKEv1 VPN credentials to exploit this vulnerability.\r\n\r This vulnerability is due to improper validation of IKEv1 phase 2 parameters before the IPsec security association creation request is handed off to the hardware cryptographic accelerator of an affected device. An attacker could exploit this vulnerability by sending crafted IKEv1 messages to the affected device. A successful exploit could allow the attacker to cause the device to reload." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.7, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-232", "description": "Improper Handling of Undefined Values", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2025-05-07T17:36:16.366Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-iosxe-ikev1-dos-XHk3HzFC", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-ikev1-dos-XHk3HzFC" } ], "source": { "advisory": "cisco-sa-iosxe-ikev1-dos-XHk3HzFC", "defects": [ "CSCwi26594" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2025-20192", "datePublished": "2025-05-07T17:36:16.366Z", "dateReserved": "2024-10-10T19:15:13.226Z", "dateUpdated": "2025-05-07T19:43:26.883Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-20201 (GCVE-0-2025-20201)
Vulnerability from cvelistv5
Published
2025-05-07 17:44
Modified
2025-05-08 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.
This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions.
Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15.
References
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Cisco | Cisco IOS XE Software |
Version: 3.7.0S Version: 3.7.1S Version: 3.7.2S Version: 3.7.3S Version: 3.7.4S Version: 3.7.5S Version: 3.7.6S Version: 3.7.7S Version: 3.7.4aS Version: 3.7.2tS Version: 3.7.0bS Version: 3.7.1aS Version: 3.3.0SG Version: 3.3.2SG Version: 3.3.1SG Version: 3.8.0S Version: 3.8.1S Version: 3.8.2S Version: 3.9.1S Version: 3.9.0S Version: 3.9.2S Version: 3.9.1aS Version: 3.9.0aS Version: 3.2.0SE Version: 3.2.1SE Version: 3.2.2SE Version: 3.2.3SE Version: 3.3.0SE Version: 3.3.1SE Version: 3.3.2SE Version: 3.3.3SE Version: 3.3.4SE Version: 3.3.5SE Version: 3.4.0SG Version: 3.4.2SG Version: 3.4.1SG Version: 3.4.3SG Version: 3.4.4SG Version: 3.4.5SG Version: 3.4.6SG Version: 3.4.7SG Version: 3.4.8SG Version: 3.5.0E Version: 3.5.1E Version: 3.5.2E Version: 3.5.3E Version: 3.11.1S Version: 3.11.2S Version: 3.11.0S Version: 3.11.3S Version: 3.11.4S Version: 3.12.0S Version: 3.12.1S Version: 3.12.2S Version: 3.12.3S Version: 3.12.0aS Version: 3.12.4S Version: 3.13.0S Version: 3.13.1S Version: 3.13.2S Version: 3.13.3S Version: 3.13.4S Version: 3.13.5S Version: 3.13.2aS Version: 3.13.0aS Version: 3.13.5aS Version: 3.13.6S Version: 3.13.7S Version: 3.13.6aS Version: 3.13.7aS Version: 3.13.8S Version: 3.13.9S Version: 3.13.10S Version: 3.6.0E Version: 3.6.1E Version: 3.6.2aE Version: 3.6.2E Version: 3.6.3E Version: 3.6.4E Version: 3.6.5E Version: 3.6.6E Version: 3.6.5aE Version: 3.6.5bE Version: 3.6.7E Version: 3.6.8E Version: 3.6.7bE Version: 3.6.9E Version: 3.6.10E Version: 3.14.0S Version: 3.14.1S Version: 3.14.2S Version: 3.14.3S Version: 3.14.4S Version: 3.15.0S Version: 3.15.1S Version: 3.15.2S Version: 3.15.1cS Version: 3.15.3S Version: 3.15.4S Version: 3.7.0E Version: 3.7.1E Version: 3.7.2E Version: 3.7.3E Version: 3.7.4E Version: 3.7.5E Version: 3.16.0S Version: 3.16.1S Version: 3.16.1aS Version: 3.16.2S Version: 3.16.2aS Version: 3.16.0cS Version: 3.16.3S Version: 3.16.2bS Version: 3.16.3aS Version: 3.16.4S Version: 3.16.4aS Version: 3.16.4bS Version: 3.16.5S Version: 3.16.4dS Version: 3.16.6S Version: 3.16.7S Version: 3.16.6bS Version: 3.16.7aS Version: 3.16.7bS Version: 3.16.8S Version: 3.16.9S Version: 3.16.10S Version: 3.17.0S Version: 3.17.1S Version: 3.17.2S Version: 3.17.1aS Version: 3.17.3S Version: 3.17.4S Version: 16.1.1 Version: 16.1.2 Version: 16.1.3 Version: 16.2.1 Version: 16.2.2 Version: 3.8.0E Version: 3.8.1E Version: 3.8.2E Version: 3.8.3E Version: 3.8.4E Version: 3.8.5E Version: 3.8.5aE Version: 3.8.6E Version: 3.8.7E Version: 3.8.8E Version: 3.8.9E Version: 3.8.10E Version: 16.3.1 Version: 16.3.2 Version: 16.3.3 Version: 16.3.1a Version: 16.3.4 Version: 16.3.5 Version: 16.3.5b Version: 16.3.6 Version: 16.3.7 Version: 16.3.8 Version: 16.3.9 Version: 16.3.10 Version: 16.3.11 Version: 16.4.1 Version: 16.4.2 Version: 16.4.3 Version: 16.5.1 Version: 16.5.1a Version: 16.5.1b Version: 16.5.2 Version: 16.5.3 Version: 3.18.0aS Version: 3.18.0S Version: 3.18.1S Version: 3.18.2S Version: 3.18.3S Version: 3.18.4S Version: 3.18.0SP Version: 3.18.1SP Version: 3.18.1aSP Version: 3.18.1bSP Version: 3.18.1cSP Version: 3.18.2SP Version: 3.18.2aSP Version: 3.18.3SP Version: 3.18.4SP Version: 3.18.3aSP Version: 3.18.3bSP Version: 3.18.5SP Version: 3.18.6SP Version: 3.18.7SP Version: 3.18.8aSP Version: 3.18.9SP Version: 3.9.0E Version: 3.9.1E Version: 3.9.2E Version: 16.6.1 Version: 16.6.2 Version: 16.6.3 Version: 16.6.4 Version: 16.6.5 Version: 16.6.4a Version: 16.6.5a Version: 16.6.6 Version: 16.6.7 Version: 16.6.8 Version: 16.6.9 Version: 16.6.10 Version: 16.7.1 Version: 16.7.1a Version: 16.7.1b Version: 16.7.2 Version: 16.7.3 Version: 16.7.4 Version: 16.8.1 Version: 16.8.1a Version: 16.8.1b Version: 16.8.1s Version: 16.8.1c Version: 16.8.1d Version: 16.8.2 Version: 16.8.1e Version: 16.8.3 Version: 16.9.1 Version: 16.9.2 Version: 16.9.1a Version: 16.9.1b Version: 16.9.1s Version: 16.9.3 Version: 16.9.4 Version: 16.9.3a Version: 16.9.5 Version: 16.9.5f Version: 16.9.6 Version: 16.9.7 Version: 16.9.8 Version: 16.10.1 Version: 16.10.1a Version: 16.10.1b Version: 16.10.1s Version: 16.10.1c Version: 16.10.1e Version: 16.10.1d Version: 16.10.2 Version: 16.10.1f Version: 16.10.1g Version: 16.10.3 Version: 3.10.0E Version: 3.10.1E Version: 3.10.0cE Version: 3.10.2E Version: 3.10.3E Version: 16.11.1 Version: 16.11.1a Version: 16.11.1b Version: 16.11.2 Version: 16.11.1s Version: 16.12.1 Version: 16.12.1s Version: 16.12.1a Version: 16.12.1c Version: 16.12.1w Version: 16.12.2 Version: 16.12.1y Version: 16.12.2a Version: 16.12.3 Version: 16.12.8 Version: 16.12.2s Version: 16.12.1x Version: 16.12.1t Version: 16.12.4 Version: 16.12.3s Version: 16.12.3a Version: 16.12.4a Version: 16.12.5 Version: 16.12.6 Version: 16.12.1z1 Version: 16.12.5a Version: 16.12.5b Version: 16.12.1z2 Version: 16.12.6a Version: 16.12.7 Version: 16.12.9 Version: 16.12.10 Version: 16.12.10a Version: 16.12.11 Version: 16.12.12 Version: 3.11.0E Version: 3.11.1E Version: 3.11.2E Version: 3.11.3E Version: 3.11.1aE Version: 3.11.4E Version: 3.11.3aE Version: 3.11.5E Version: 3.11.6E Version: 3.11.7E Version: 3.11.8E Version: 3.11.9E Version: 3.11.10E Version: 3.11.11E Version: 17.1.1 Version: 17.1.1a Version: 17.1.1s Version: 17.1.1t Version: 17.1.3 Version: 17.2.1 Version: 17.2.1r Version: 17.2.1a Version: 17.2.1v Version: 17.2.2 Version: 17.2.3 Version: 17.3.1 Version: 17.3.2 Version: 17.3.3 Version: 17.3.1a Version: 17.3.1w Version: 17.3.2a Version: 17.3.1x Version: 17.3.1z Version: 17.3.4 Version: 17.3.5 Version: 17.3.4a Version: 17.3.6 Version: 17.3.4b Version: 17.3.4c Version: 17.3.5a Version: 17.3.5b Version: 17.3.7 Version: 17.3.8 Version: 17.3.8a Version: 17.4.1 Version: 17.4.2 Version: 17.4.1a Version: 17.4.1b Version: 17.4.2a Version: 17.5.1 Version: 17.5.1a Version: 17.6.1 Version: 17.6.2 Version: 17.6.1w Version: 17.6.1a Version: 17.6.1x Version: 17.6.3 Version: 17.6.1y Version: 17.6.1z Version: 17.6.3a Version: 17.6.4 Version: 17.6.1z1 Version: 17.6.5 Version: 17.6.6 Version: 17.6.6a Version: 17.6.5a Version: 17.6.7 Version: 17.6.8 Version: 17.6.8a Version: 17.7.1 Version: 17.7.1a Version: 17.7.1b Version: 17.7.2 Version: 17.10.1 Version: 17.10.1a Version: 17.10.1b Version: 17.8.1 Version: 17.8.1a Version: 17.9.1 Version: 17.9.1w Version: 17.9.2 Version: 17.9.1a Version: 17.9.1x Version: 17.9.1y Version: 17.9.3 Version: 17.9.2a Version: 17.9.1x1 Version: 17.9.3a Version: 17.9.4 Version: 17.9.1y1 Version: 17.9.5 Version: 17.9.4a Version: 17.9.5a Version: 17.9.5b Version: 17.9.6 Version: 17.9.6a Version: 17.9.5e Version: 17.9.5f Version: 17.11.1 Version: 17.11.1a Version: 17.12.1 Version: 17.12.1w Version: 17.12.1a Version: 17.12.1x Version: 17.12.2 Version: 17.12.3 Version: 17.12.2a Version: 17.12.1y Version: 17.12.1z Version: 17.12.4 Version: 17.12.3a Version: 17.12.1z1 Version: 17.12.4a Version: 17.12.4b Version: 17.13.1 Version: 17.13.1a Version: 17.14.1 Version: 17.14.1a Version: 17.11.99SW Version: 17.15.1 Version: 17.15.1w Version: 17.15.1a Version: 17.15.1b |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-20201", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-05-07T00:00:00+00:00", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-05-08T03:56:31.913Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "Cisco IOS XE Software", "vendor": "Cisco", "versions": [ { "status": "affected", "version": "3.7.0S" }, { "status": "affected", "version": "3.7.1S" }, { "status": "affected", "version": "3.7.2S" }, { "status": "affected", "version": "3.7.3S" }, { "status": "affected", "version": "3.7.4S" }, { "status": "affected", "version": "3.7.5S" }, { "status": "affected", "version": "3.7.6S" }, { "status": "affected", "version": "3.7.7S" }, { "status": "affected", "version": "3.7.4aS" }, { "status": "affected", "version": "3.7.2tS" }, { "status": "affected", "version": "3.7.0bS" }, { "status": "affected", "version": "3.7.1aS" }, { "status": "affected", "version": "3.3.0SG" }, { "status": "affected", "version": "3.3.2SG" }, { "status": "affected", "version": "3.3.1SG" }, { "status": "affected", "version": "3.8.0S" }, { "status": "affected", "version": "3.8.1S" }, { "status": "affected", "version": "3.8.2S" }, { "status": "affected", "version": "3.9.1S" }, { "status": "affected", "version": "3.9.0S" }, { "status": "affected", "version": "3.9.2S" }, { "status": "affected", "version": "3.9.1aS" }, { "status": "affected", "version": "3.9.0aS" }, { "status": "affected", "version": "3.2.0SE" }, { "status": "affected", "version": "3.2.1SE" }, { "status": "affected", "version": "3.2.2SE" }, { "status": "affected", "version": "3.2.3SE" }, { "status": "affected", "version": "3.3.0SE" }, { "status": "affected", "version": "3.3.1SE" }, { "status": "affected", "version": "3.3.2SE" }, { "status": "affected", "version": "3.3.3SE" }, { "status": "affected", "version": "3.3.4SE" }, { "status": "affected", "version": "3.3.5SE" }, { "status": "affected", "version": "3.4.0SG" }, { "status": "affected", "version": "3.4.2SG" }, { "status": "affected", "version": "3.4.1SG" }, { "status": "affected", "version": "3.4.3SG" }, { "status": "affected", "version": "3.4.4SG" }, { "status": "affected", "version": "3.4.5SG" }, { "status": "affected", "version": "3.4.6SG" }, { "status": "affected", "version": "3.4.7SG" }, { "status": "affected", "version": "3.4.8SG" }, { "status": "affected", "version": "3.5.0E" }, { "status": "affected", "version": "3.5.1E" }, { "status": "affected", "version": "3.5.2E" }, { "status": "affected", "version": "3.5.3E" }, { "status": "affected", "version": "3.11.1S" }, { "status": "affected", "version": "3.11.2S" }, { "status": "affected", "version": "3.11.0S" }, { "status": "affected", "version": "3.11.3S" }, { "status": "affected", "version": "3.11.4S" }, { "status": "affected", "version": "3.12.0S" }, { "status": "affected", "version": "3.12.1S" }, { "status": "affected", "version": "3.12.2S" }, { "status": "affected", "version": "3.12.3S" }, { "status": "affected", "version": "3.12.0aS" }, { "status": "affected", "version": "3.12.4S" }, { "status": "affected", "version": "3.13.0S" }, { "status": "affected", "version": "3.13.1S" }, { "status": "affected", "version": "3.13.2S" }, { "status": "affected", "version": "3.13.3S" }, { "status": "affected", "version": "3.13.4S" }, { "status": "affected", "version": "3.13.5S" }, { "status": "affected", "version": "3.13.2aS" }, { "status": "affected", "version": "3.13.0aS" }, { "status": "affected", "version": "3.13.5aS" }, { "status": "affected", "version": "3.13.6S" }, { "status": "affected", "version": "3.13.7S" }, { "status": "affected", "version": "3.13.6aS" }, { "status": "affected", "version": "3.13.7aS" }, { "status": "affected", "version": "3.13.8S" }, { "status": "affected", "version": "3.13.9S" }, { "status": "affected", "version": "3.13.10S" }, { "status": "affected", "version": "3.6.0E" }, { "status": "affected", "version": "3.6.1E" }, { "status": "affected", "version": "3.6.2aE" }, { "status": "affected", "version": "3.6.2E" }, { "status": "affected", "version": "3.6.3E" }, { "status": "affected", "version": "3.6.4E" }, { "status": "affected", "version": "3.6.5E" }, { "status": "affected", "version": "3.6.6E" }, { "status": "affected", "version": "3.6.5aE" }, { "status": "affected", "version": "3.6.5bE" }, { "status": "affected", "version": "3.6.7E" }, { "status": "affected", "version": "3.6.8E" }, { "status": "affected", "version": "3.6.7bE" }, { "status": "affected", "version": "3.6.9E" }, { "status": "affected", "version": "3.6.10E" }, { "status": "affected", "version": "3.14.0S" }, { "status": "affected", "version": "3.14.1S" }, { "status": "affected", "version": "3.14.2S" }, { "status": "affected", "version": "3.14.3S" }, { "status": "affected", "version": "3.14.4S" }, { "status": "affected", "version": "3.15.0S" }, { "status": "affected", "version": "3.15.1S" }, { "status": "affected", "version": "3.15.2S" }, { "status": "affected", "version": "3.15.1cS" }, { "status": "affected", "version": "3.15.3S" }, { "status": "affected", "version": "3.15.4S" }, { "status": "affected", "version": "3.7.0E" }, { "status": "affected", "version": "3.7.1E" }, { "status": "affected", "version": "3.7.2E" }, { "status": "affected", "version": "3.7.3E" }, { "status": "affected", "version": "3.7.4E" }, { "status": "affected", "version": "3.7.5E" }, { "status": "affected", "version": "3.16.0S" }, { "status": "affected", "version": "3.16.1S" }, { "status": "affected", "version": "3.16.1aS" }, { "status": "affected", "version": "3.16.2S" }, { "status": "affected", "version": "3.16.2aS" }, { "status": "affected", "version": "3.16.0cS" }, { "status": "affected", "version": "3.16.3S" }, { "status": "affected", "version": "3.16.2bS" }, { "status": "affected", "version": "3.16.3aS" }, { "status": "affected", "version": "3.16.4S" }, { "status": "affected", "version": "3.16.4aS" }, { "status": "affected", "version": "3.16.4bS" }, { "status": "affected", "version": "3.16.5S" }, { "status": "affected", "version": "3.16.4dS" }, { "status": "affected", "version": "3.16.6S" }, { "status": "affected", "version": "3.16.7S" }, { "status": "affected", "version": "3.16.6bS" }, { "status": "affected", "version": "3.16.7aS" }, { "status": "affected", "version": "3.16.7bS" }, { "status": "affected", "version": "3.16.8S" }, { "status": "affected", "version": "3.16.9S" }, { "status": "affected", "version": "3.16.10S" }, { "status": "affected", "version": "3.17.0S" }, { "status": "affected", "version": "3.17.1S" }, { "status": "affected", "version": "3.17.2S" }, { "status": "affected", "version": "3.17.1aS" }, { "status": "affected", "version": "3.17.3S" }, { "status": "affected", "version": "3.17.4S" }, { "status": "affected", "version": "16.1.1" }, { "status": "affected", "version": "16.1.2" }, { "status": "affected", "version": "16.1.3" }, { "status": "affected", "version": "16.2.1" }, { "status": "affected", "version": "16.2.2" }, { "status": "affected", "version": "3.8.0E" }, { "status": "affected", "version": "3.8.1E" }, { "status": "affected", "version": "3.8.2E" }, { "status": "affected", "version": "3.8.3E" }, { "status": "affected", "version": "3.8.4E" }, { "status": "affected", "version": "3.8.5E" }, { "status": "affected", "version": "3.8.5aE" }, { "status": "affected", "version": "3.8.6E" }, { "status": "affected", "version": "3.8.7E" }, { "status": "affected", "version": "3.8.8E" }, { "status": "affected", "version": "3.8.9E" }, { "status": "affected", "version": "3.8.10E" }, { "status": "affected", "version": "16.3.1" }, { "status": "affected", "version": "16.3.2" }, { "status": "affected", "version": "16.3.3" }, { "status": "affected", "version": "16.3.1a" }, { "status": "affected", "version": "16.3.4" }, { "status": "affected", "version": "16.3.5" }, { "status": "affected", "version": "16.3.5b" }, { "status": "affected", "version": "16.3.6" }, { "status": "affected", "version": "16.3.7" }, { "status": "affected", "version": "16.3.8" }, { "status": "affected", "version": "16.3.9" }, { "status": "affected", "version": "16.3.10" }, { "status": "affected", "version": "16.3.11" }, { "status": "affected", "version": "16.4.1" }, { "status": "affected", "version": "16.4.2" }, { "status": "affected", "version": "16.4.3" }, { "status": "affected", "version": "16.5.1" }, { "status": "affected", "version": "16.5.1a" }, { "status": "affected", "version": "16.5.1b" }, { "status": "affected", "version": "16.5.2" }, { "status": "affected", "version": "16.5.3" }, { "status": "affected", "version": "3.18.0aS" }, { "status": "affected", "version": "3.18.0S" }, { "status": "affected", "version": "3.18.1S" }, { "status": "affected", "version": "3.18.2S" }, { "status": "affected", "version": "3.18.3S" }, { "status": "affected", "version": "3.18.4S" }, { "status": "affected", "version": "3.18.0SP" }, { "status": "affected", "version": "3.18.1SP" }, { "status": "affected", "version": "3.18.1aSP" }, { "status": "affected", "version": "3.18.1bSP" }, { "status": "affected", "version": "3.18.1cSP" }, { "status": "affected", "version": "3.18.2SP" }, { "status": "affected", "version": "3.18.2aSP" }, { "status": "affected", "version": "3.18.3SP" }, { "status": "affected", "version": "3.18.4SP" }, { "status": "affected", "version": "3.18.3aSP" }, { "status": "affected", "version": "3.18.3bSP" }, { "status": "affected", "version": "3.18.5SP" }, { "status": "affected", "version": "3.18.6SP" }, { "status": "affected", "version": "3.18.7SP" }, { "status": "affected", "version": "3.18.8aSP" }, { "status": "affected", "version": "3.18.9SP" }, { "status": "affected", "version": "3.9.0E" }, { "status": "affected", "version": "3.9.1E" }, { "status": "affected", "version": "3.9.2E" }, { "status": "affected", "version": "16.6.1" }, { "status": "affected", "version": "16.6.2" }, { "status": "affected", "version": "16.6.3" }, { "status": "affected", "version": "16.6.4" }, { "status": "affected", "version": "16.6.5" }, { "status": "affected", "version": "16.6.4a" }, { "status": "affected", "version": "16.6.5a" }, { "status": "affected", "version": "16.6.6" }, { "status": "affected", "version": "16.6.7" }, { "status": "affected", "version": "16.6.8" }, { "status": "affected", "version": "16.6.9" }, { "status": "affected", "version": "16.6.10" }, { "status": "affected", "version": "16.7.1" }, { "status": "affected", "version": "16.7.1a" }, { "status": "affected", "version": "16.7.1b" }, { "status": "affected", "version": "16.7.2" }, { "status": "affected", "version": "16.7.3" }, { "status": "affected", "version": "16.7.4" }, { "status": "affected", "version": "16.8.1" }, { "status": "affected", "version": "16.8.1a" }, { "status": "affected", "version": "16.8.1b" }, { "status": "affected", "version": "16.8.1s" }, { "status": "affected", "version": "16.8.1c" }, { "status": "affected", "version": "16.8.1d" }, { "status": "affected", "version": "16.8.2" }, { "status": "affected", "version": "16.8.1e" }, { "status": "affected", "version": "16.8.3" }, { "status": "affected", "version": "16.9.1" }, { "status": "affected", "version": "16.9.2" }, { "status": "affected", "version": "16.9.1a" }, { "status": "affected", "version": "16.9.1b" }, { "status": "affected", "version": "16.9.1s" }, { "status": "affected", "version": "16.9.3" }, { "status": "affected", "version": "16.9.4" }, { "status": "affected", "version": "16.9.3a" }, { "status": "affected", "version": "16.9.5" }, { "status": "affected", "version": "16.9.5f" }, { "status": "affected", "version": "16.9.6" }, { "status": "affected", "version": "16.9.7" }, { "status": "affected", "version": "16.9.8" }, { "status": "affected", "version": "16.10.1" }, { "status": "affected", "version": "16.10.1a" }, { "status": "affected", "version": "16.10.1b" }, { "status": "affected", "version": "16.10.1s" }, { "status": "affected", "version": "16.10.1c" }, { "status": "affected", "version": "16.10.1e" }, { "status": "affected", "version": "16.10.1d" }, { "status": "affected", "version": "16.10.2" }, { "status": "affected", "version": "16.10.1f" }, { "status": "affected", "version": "16.10.1g" }, { "status": "affected", "version": "16.10.3" }, { "status": "affected", "version": "3.10.0E" }, { "status": "affected", "version": "3.10.1E" }, { "status": "affected", "version": "3.10.0cE" }, { "status": "affected", "version": "3.10.2E" }, { "status": "affected", "version": "3.10.3E" }, { "status": "affected", "version": "16.11.1" }, { "status": "affected", "version": "16.11.1a" }, { "status": "affected", "version": "16.11.1b" }, { "status": "affected", "version": "16.11.2" }, { "status": "affected", "version": "16.11.1s" }, { "status": "affected", "version": "16.12.1" }, { "status": "affected", "version": "16.12.1s" }, { "status": "affected", "version": "16.12.1a" }, { "status": "affected", "version": "16.12.1c" }, { "status": "affected", "version": "16.12.1w" }, { "status": "affected", "version": "16.12.2" }, { "status": "affected", "version": "16.12.1y" }, { "status": "affected", "version": "16.12.2a" }, { "status": "affected", "version": "16.12.3" }, { "status": "affected", "version": "16.12.8" }, { "status": "affected", "version": "16.12.2s" }, { "status": "affected", "version": "16.12.1x" }, { "status": "affected", "version": "16.12.1t" }, { "status": "affected", "version": "16.12.4" }, { "status": "affected", "version": "16.12.3s" }, { "status": "affected", "version": "16.12.3a" }, { "status": "affected", "version": "16.12.4a" }, { "status": "affected", "version": "16.12.5" }, { "status": "affected", "version": "16.12.6" }, { "status": "affected", "version": "16.12.1z1" }, { "status": "affected", "version": "16.12.5a" }, { "status": "affected", "version": "16.12.5b" }, { "status": "affected", "version": "16.12.1z2" }, { "status": "affected", "version": "16.12.6a" }, { "status": "affected", "version": "16.12.7" }, { "status": "affected", "version": "16.12.9" }, { "status": "affected", "version": "16.12.10" }, { "status": "affected", "version": "16.12.10a" }, { "status": "affected", "version": "16.12.11" }, { "status": "affected", "version": "16.12.12" }, { "status": "affected", "version": "3.11.0E" }, { "status": "affected", "version": "3.11.1E" }, { "status": "affected", "version": "3.11.2E" }, { "status": "affected", "version": "3.11.3E" }, { "status": "affected", "version": "3.11.1aE" }, { "status": "affected", "version": "3.11.4E" }, { "status": "affected", "version": "3.11.3aE" }, { "status": "affected", "version": "3.11.5E" }, { "status": "affected", "version": "3.11.6E" }, { "status": "affected", "version": "3.11.7E" }, { "status": "affected", "version": "3.11.8E" }, { "status": "affected", "version": "3.11.9E" }, { "status": "affected", "version": "3.11.10E" }, { "status": "affected", "version": "3.11.11E" }, { "status": "affected", "version": "17.1.1" }, { "status": "affected", "version": "17.1.1a" }, { "status": "affected", "version": "17.1.1s" }, { "status": "affected", "version": "17.1.1t" }, { "status": "affected", "version": "17.1.3" }, { "status": "affected", "version": "17.2.1" }, { "status": "affected", "version": "17.2.1r" }, { "status": "affected", "version": "17.2.1a" }, { "status": "affected", "version": "17.2.1v" }, { "status": "affected", "version": "17.2.2" }, { "status": "affected", "version": "17.2.3" }, { "status": "affected", "version": "17.3.1" }, { "status": "affected", "version": "17.3.2" }, { "status": "affected", "version": "17.3.3" }, { "status": "affected", "version": "17.3.1a" }, { "status": "affected", "version": "17.3.1w" }, { "status": "affected", "version": "17.3.2a" }, { "status": "affected", "version": "17.3.1x" }, { "status": "affected", "version": "17.3.1z" }, { "status": "affected", "version": "17.3.4" }, { "status": "affected", "version": "17.3.5" }, { "status": "affected", "version": "17.3.4a" }, { "status": "affected", "version": "17.3.6" }, { "status": "affected", "version": "17.3.4b" }, { "status": "affected", "version": "17.3.4c" }, { "status": "affected", "version": "17.3.5a" }, { "status": "affected", "version": "17.3.5b" }, { "status": "affected", "version": "17.3.7" }, { "status": "affected", "version": "17.3.8" }, { "status": "affected", "version": "17.3.8a" }, { "status": "affected", "version": "17.4.1" }, { "status": "affected", "version": "17.4.2" }, { "status": "affected", "version": "17.4.1a" }, { "status": "affected", "version": "17.4.1b" }, { "status": "affected", "version": "17.4.2a" }, { "status": "affected", "version": "17.5.1" }, { "status": "affected", "version": "17.5.1a" }, { "status": "affected", "version": "17.6.1" }, { "status": "affected", "version": "17.6.2" }, { "status": "affected", "version": "17.6.1w" }, { "status": "affected", "version": "17.6.1a" }, { "status": "affected", "version": "17.6.1x" }, { "status": "affected", "version": "17.6.3" }, { "status": "affected", "version": "17.6.1y" }, { "status": "affected", "version": "17.6.1z" }, { "status": "affected", "version": "17.6.3a" }, { "status": "affected", "version": "17.6.4" }, { "status": "affected", "version": "17.6.1z1" }, { "status": "affected", "version": "17.6.5" }, { "status": "affected", "version": "17.6.6" }, { "status": "affected", "version": "17.6.6a" }, { "status": "affected", "version": "17.6.5a" }, { "status": "affected", "version": "17.6.7" }, { "status": "affected", "version": "17.6.8" }, { "status": "affected", "version": "17.6.8a" }, { "status": "affected", "version": "17.7.1" }, { "status": "affected", "version": "17.7.1a" }, { "status": "affected", "version": "17.7.1b" }, { "status": "affected", "version": "17.7.2" }, { "status": "affected", "version": "17.10.1" }, { "status": "affected", "version": "17.10.1a" }, { "status": "affected", "version": "17.10.1b" }, { "status": "affected", "version": "17.8.1" }, { "status": "affected", "version": "17.8.1a" }, { "status": "affected", "version": "17.9.1" }, { "status": "affected", "version": "17.9.1w" }, { "status": "affected", "version": "17.9.2" }, { "status": "affected", "version": "17.9.1a" }, { "status": "affected", "version": "17.9.1x" }, { "status": "affected", "version": "17.9.1y" }, { "status": "affected", "version": "17.9.3" }, { "status": "affected", "version": "17.9.2a" }, { "status": "affected", "version": "17.9.1x1" }, { "status": "affected", "version": "17.9.3a" }, { "status": "affected", "version": "17.9.4" }, { "status": "affected", "version": "17.9.1y1" }, { "status": "affected", "version": "17.9.5" }, { "status": "affected", "version": "17.9.4a" }, { "status": "affected", "version": "17.9.5a" }, { "status": "affected", "version": "17.9.5b" }, { "status": "affected", "version": "17.9.6" }, { "status": "affected", "version": "17.9.6a" }, { "status": "affected", "version": "17.9.5e" }, { "status": "affected", "version": "17.9.5f" }, { "status": "affected", "version": "17.11.1" }, { "status": "affected", "version": "17.11.1a" }, { "status": "affected", "version": "17.12.1" }, { "status": "affected", "version": "17.12.1w" }, { "status": "affected", "version": "17.12.1a" }, { "status": "affected", "version": "17.12.1x" }, { "status": "affected", "version": "17.12.2" }, { "status": "affected", "version": "17.12.3" }, { "status": "affected", "version": "17.12.2a" }, { "status": "affected", "version": "17.12.1y" }, { "status": "affected", "version": "17.12.1z" }, { "status": "affected", "version": "17.12.4" }, { "status": "affected", "version": "17.12.3a" }, { "status": "affected", "version": "17.12.1z1" }, { "status": "affected", "version": "17.12.4a" }, { "status": "affected", "version": "17.12.4b" }, { "status": "affected", "version": "17.13.1" }, { "status": "affected", "version": "17.13.1a" }, { "status": "affected", "version": "17.14.1" }, { "status": "affected", "version": "17.14.1a" }, { "status": "affected", "version": "17.11.99SW" }, { "status": "affected", "version": "17.15.1" }, { "status": "affected", "version": "17.15.1w" }, { "status": "affected", "version": "17.15.1a" }, { "status": "affected", "version": "17.15.1b" } ] } ], "descriptions": [ { "lang": "en", "value": "A vulnerability\u00a0in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device.\r\n\r This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root on the underlying operating system of an affected device. The security impact rating (SIR) of this advisory has been raised to High because an attacker could gain access to the underlying operating system of the affected device and perform potentially undetected actions.\r\n\r Note: The attacker must have privileges to enter configuration mode on the affected device. This is usually referred to as privilege level 15." } ], "exploits": [ { "lang": "en", "value": "The Cisco Product Security Incident Response Team is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:N", "version": "3.1" }, "format": "cvssV3_1" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-754", "description": "Improper Check for Unusual or Exceptional Conditions", "lang": "en", "type": "cwe" } ] } ], "providerMetadata": { "dateUpdated": "2025-05-07T17:44:57.035Z", "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco" }, "references": [ { "name": "cisco-sa-iosxe-privesc-su7scvdp", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp" } ], "source": { "advisory": "cisco-sa-iosxe-privesc-su7scvdp", "defects": [ "CSCwm64309" ], "discovery": "INTERNAL" } } }, "cveMetadata": { "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "assignerShortName": "cisco", "cveId": "CVE-2025-20201", "datePublished": "2025-05-07T17:44:57.035Z", "dateReserved": "2024-10-10T19:15:13.229Z", "dateUpdated": "2025-05-08T03:56:31.913Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…