
Cisco Releases Patches for IOS XR Security Flaws

Cisco has issued patches for three IOS XR software vulnerabilities in its September 2025 bundled security advisory.

The first vulnerability, tracked as CVE-2025-20248 (CVSS score of 6.0), is a flaw in the IOS XR software installation process that could allow an attacker to bypass the image signature verification mechanism. Although a 6.0 CVSS score sits in the medium range, Cisco rates the advisory as high severity.

According to Cisco, successful exploitation could allow unsigned files to be added to an ISO image, which could then be installed and activated on an affected device. Because a bypass of image verification undermines the integrity guarantees the device's software trust chain relies on, Cisco has raised the advisory's overall Security Impact Rating from medium to high.

The second IOS XR vulnerability addressed this week is CVE-2025-20340 (CVSS score of 7.4), a flaw in the software's Address Resolution Protocol (ARP) implementation. Because ARP is a Layer 2 protocol, the bug could be exploited by unauthenticated attackers adjacent to the device's management interface (on the same Layer 2 segment) to trigger a denial-of-service (DoS) condition.

“This vulnerability is due to how Cisco IOS XR Software processes a high, sustained rate of ARP traffic hitting the management interface. Under certain conditions, an attacker could exploit this vulnerability by sending an excessive amount of traffic to the management interface of an affected device, overwhelming its ARP processing capabilities,” Cisco explains.
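The advisory describes the failure mode as rate-based: a high and sustained volume of ARP toward the management interface, not a single malformed packet. The following is an added example, not Cisco code or anything from the advisory, showing how an operator could flag that pattern in an ARP event feed (for instance one exported from a span port or a management-network sensor). The log tuple layout, the interface name `MgmtEth0/RP0/CPU0/0`, and the 500 pps / 3 s thresholds are all assumptions chosen for the demonstration; a real deployment would tune them to the baseline of its own management network.

```python
"""Flag a sustained ARP flood toward a management interface.

Added illustration for the rate-based ARP DoS described above. The event
format, interface name and thresholds are assumptions, not Cisco values.
"""
from collections import defaultdict

MGMT_IFACE = "MgmtEth0/RP0/CPU0/0"   # assumed interface name for the demo


def build_sample(flood_seconds=6, flood_pps=2000):
    """Constructed ARP event log: (timestamp_s, ingress_interface, sender_mac).

    Sixteen seconds of benign ARP at 5 pps from five hosts, plus (when
    flood_seconds > 0) a single host flooding at flood_pps starting at t=10s.
    """
    events = []
    for t in range(16):
        for i in range(5):
            events.append((t + i / 5.0, MGMT_IFACE, f"00:11:22:33:44:{i:02x}"))
    for k in range(flood_seconds * flood_pps):
        events.append((10.0 + k / flood_pps, MGMT_IFACE, "de:ad:be:ef:00:01"))
    return sorted(events)


def detect_arp_flood(events, interface_prefix="MgmtEth", pps_threshold=500,
                     sustain_s=3, bucket_s=1.0):
    """Return one alert per sustained ARP burst on matching interfaces.

    An alert fires only when the per-bucket ARP rate exceeds pps_threshold for
    at least sustain_s consecutive buckets, so a brief spike is ignored while a
    sustained flood of the kind the advisory describes is reported.
    """
    # (interface, bucket_index) -> {sender_mac: packet_count}
    counts = defaultdict(lambda: defaultdict(int))
    for ts, iface, mac in events:
        if not iface.startswith(interface_prefix):
            continue
        counts[(iface, int(ts // bucket_s))][mac] += 1

    per_iface = defaultdict(dict)
    for (iface, b), macs in counts.items():
        per_iface[iface][b] = macs

    alerts = []
    for iface, by_bucket in per_iface.items():
        run = []  # consecutive over-threshold buckets seen so far
        # scan one bucket past the last one so a trailing run is flushed
        for b in range(min(by_bucket), max(by_bucket) + 2):
            macs = by_bucket.get(b, {})
            pps = sum(macs.values()) / bucket_s
            if pps > pps_threshold:
                run.append((b, pps, macs))
                continue
            if len(run) >= sustain_s:
                alerts.append(_summarise(iface, run, bucket_s))
            run = []
    return alerts


def _summarise(iface, run, bucket_s):
    """Collapse a run of over-threshold buckets into a single alert record."""
    per_sender = defaultdict(int)
    for _, _, macs in run:
        for mac, n in macs.items():
            per_sender[mac] += n
    total = sum(per_sender.values())
    top = max(per_sender, key=per_sender.get)
    return {
        "interface": iface,
        "start_s": run[0][0] * bucket_s,
        "end_s": (run[-1][0] + 1) * bucket_s,
        "peak_pps": max(pps for _, pps, _ in run),
        "top_sender": top,
        "top_sender_share": per_sender[top] / total,
    }


if __name__ == "__main__":
    for alert in detect_arp_flood(build_sample()):
        print(alert)
```

On the constructed sample this reports a single alert covering seconds 10 through 16 with a peak of 2005 pps, almost entirely from one sender MAC; the same data with the flood shortened to two seconds produces no alert, because the run never reaches the sustain window. The top-sender share is worth keeping in the alert: a flood dominated by one MAC points at a single misbehaving or hostile host, whereas a high rate spread across many senders is more consistent with a broadcast storm or a loop on the management segment.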

The third vulnerability is a medium-severity flaw in IOS XR's ACL processing that could allow unauthenticated, remote attackers to send traffic to a vulnerable device and bypass the ACLs configured for its SSH, NetConf, and gRPC services.

Identified as CVE-2025-20159 (CVSS score of 5.3), the issue arises because the packet I/O infrastructure that IOS XR uses for SSH, NetConf, and gRPC on affected platforms does not support management interface ACLs. In practice, an ACL applied to the management interface is not enforced for traffic destined to those three services, so operators who rely on it alone to restrict management-plane access are exposed until the fix is applied.

Cisco says it is not aware of any of these vulnerabilities being exploited in the wild. The company nonetheless urges users to apply the released patches promptly, noting that threat actors have a history of targeting Cisco flaws.