Cisco on Wednesday announced patches for 10 vulnerabilities in IOS XR, including five that could be exploited to cause denial-of-service (DoS) conditions.
The most severe of the DoS flaws are CVE-2025-20142 and CVE-2025-20146, high-severity issues that impact the IPv4 access control list (ACL) feature, quality of service (QoS) policy, and the Layer 3 multicast feature of ASR 9000 series, ASR 9902, and ASR 9903 routers.
The incorrect handling of malformed IPv4 packets on devices with ACL or QoS policies applied could allow attackers to send crafted IPv4 packets and cause network processor errors, line card exceptions, or resets, leading to DoS.
Cisco also patched high-severity bugs in the Internet Key Exchange version 2 (IKEv2) function (CVE-2025-20209) and in the handling of specific packets (CVE-2025-20141) in IOS XR that could lead to DoS conditions.
The fifth DoS vulnerability, a medium-severity issue in the confederation implementation for BGP in IOS XR, which could be exploited remotely, without authentication, was publicly reported in September 2024, Cisco warns.
On Wednesday, the tech giant also announced patches for a high-severity vulnerability in the CLI of IOS XR that could allow an attacker to execute arbitrary commands as root.
Tracked as CVE-2025-20138, the bug exists because user arguments passed to the CLI are not validated enough, allowing an attacker to use crafted commands at the prompt and elevate their privileges.
Two other high-severity IOS XR security defects addressed on Wednesday could allow an attacker with root-system privileges to bypass Secure Boot functionality (CVE-2025-20143) or image signature verification (CVE-2025-20177) and load unverified software.
Cisco also resolved two medium-severity hybrid access control list (ACL) bypass issues that exist due to incorrect handling of packets.
The tech giant says it is not aware of any of these vulnerabilities being exploited in the wild. Additional information can be found on Cisco’s security advisories page or in the company’s March 2025 IOS XR security bulletin.
Related: Cisco Patches Vulnerabilities in Nexus Switches
Related: Cisco Patches Critical Vulnerabilities in Enterprise Security Product
Related: SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver
Related: ICS Patch Tuesday: Advisories Published by CISA, Schneider Electric, Siemens
