CVSS: 7.4 • EPSS: 0% • CPEs: 105 • EXPL: 0 • CVE-2025-20340 – Cisco IOS XR Address Resolution Protocol Broadcast Storm Vulnerability
https://notcve.org/view.php?id=CVE-2025-20340
10 Sep 2025 — A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a broadcast storm, leading to a denial of service (DoS) condition on an affected device. This vulnerability is due to how Cisco IOS XR Software processes a high, sustained rate of ARP traffic hitting the management interface. Under certain conditions, an attacker could exploit this vulnerability by sending an excessive amount of traffic to the ma... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-arp-storm-EjUU55yM • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.3 • EPSS: 0% • CPEs: 74 • EXPL: 0 • CVE-2025-20159 – Cisco IOS XR Software Management Interface ACL Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-20159
10 Sep 2025 — A vulnerability in the management interface access control list (ACL) processing feature in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass configured ACLs for the SSH, NetConf, and gRPC features. This vulnerability exists because management interface ACLs have not been supported on Cisco IOS XR Software Packet I/O infrastructure platforms for Linux-handled features such as SSH, NetConf, or gRPC. An attacker could exploit this vulnerability by attempting to send traffic to an... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-acl-packetio-Swjhhbtz • CWE-284: Improper Access Control •
CVSS: 6.0 • EPSS: 0% • CPEs: 90 • EXPL: 0 • CVE-2025-20248 – Cisco IOS XR Software Image Verification Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-20248
10 Sep 2025 — A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device. This vulnerability is due to incomplete validation of files during the installation of an .iso file. An attacker could exploit this vulnerability by modifying contents of the .iso image ... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrsig-UY4zRUCG • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.6 • EPSS: 0% • CPEs: 92 • EXPL: 0 • CVE-2025-20154 – Cisco IOS, IOS XE and IOS XR Software TWAMP Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20154
07 May 2025 — A vulnerability in the Two-Way Active Measurement Protocol (TWAMP) server feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. For Cisco IOS XR Software, this vulnerability could cause the ipsla_ippm_server process to reload unexpectedly if debugs are enabled. This vulnerability is due to out-of-bounds array access when processing specially crafted TWAMP control p... • https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-twamp-kV4FHugn • CWE-20: Improper Input Validation •
CVSS: 7.8 • EPSS: 0% • CPEs: 40 • EXPL: 0 • CVE-2025-20209 – Cisco IOS XR Software Internet Key Exchange Version 2 Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20209
12 Mar 2025 — A vulnerability in the Internet Key Exchange version 2 (IKEv2) function of Cisco IOS XR Software could allow an unauthenticated, remote attacker to prevent an affected device from processing any control plane UDP packets. This vulnerability is due to improper handling of malformed IKEv2 packets. An attacker could exploit this vulnerability by sending malformed IKEv2 packets to an affected device. A successful exploit could allow the attacker to prevent the affected device from processing any control p... • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 6.7 • EPSS: 0% • CPEs: 67 • EXPL: 0 • CVE-2025-20177 – Cisco IOS XR Software Image Verification Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-20177
12 Mar 2025 — A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR image signature verification and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device. This vulnerability is due to incomplete validation of files in the boot verification process. An attacker could exploit this vulnerability by manipulating the system configuration options to bypass som... • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-274: Improper Handling of Insufficient Privileges •
CVSS: 5.8 • EPSS: 0% • CPEs: 61 • EXPL: 0 • CVE-2025-20145 – Cisco IOS XR Software Access Control List Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-20145
12 Mar 2025 — A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability exists because certain packets are handled incorrectly when they are received on an ingress interface on one line card and destined out of an egress interface on another line card where the egress ACL is configured. An attacker could exploit this vulnerability by attempting to send traffic through an affect... • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.8 • EPSS: 0% • CPEs: 43 • EXPL: 0 • CVE-2025-20144 – Cisco IOS XR Software Access Control List Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-20144
12 Mar 2025 — A vulnerability in the hybrid access control list (ACL) processing of IPv4 packets in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect handling of packets when a specific configuration of the hybrid ACL exists. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass a configured ACL on the affected device. For more info... • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-284: Improper Access Control •
CVSS: 6.7 • EPSS: 0% • CPEs: 59 • EXPL: 0 • CVE-2025-20143 – Cisco IOS XR Software Secure Boot Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2025-20143
12 Mar 2025 — A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Secure Boot functionality and load unverified software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device. This vulnerability is due to insufficient verification of modules in the software load process. An attacker could exploit this vulnerability by manipulating the loaded binaries to bypass some ... • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.6 • EPSS: 0% • CPEs: 34 • EXPL: 0 • CVE-2025-20142 – Cisco IOS XR Software for ASR 9000 Series Routers L2VPN Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2025-20142
12 Mar 2025 — A vulnerability in the IPv4 access control list (ACL) feature and quality of service (QoS) policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed IPv4 packets that are received on line car... • https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp • CWE-20: Improper Input Validation •
