Cisco Family March 2025 First Round Security Update Advisory

Overview

Cisco (https://www.cisco.com) has released a security update that fixes vulnerabilities in its products. Users of affected systems are advised to update to the latest version.

Affected Products

Cisco IOS XR Software

Resolved Vulnerabilities

Vulnerability in Cisco IOS XR Software due to insufficient data validation, allowing elevation of privilege to administrator level (CVE-2025-20138, CVSS 8.8) [1]

Insufficient data handling in Cisco IOS XR Software that could lead to a network processor error (CVE-2025-20142, CVSS 8.6) [2]

Vulnerability in Cisco IOS XR Software due to insufficient data handling, resulting in a line card exception or hard reset (CVE-2025-20146, CVSS 8.6) [3]

Memory corruption vulnerability in Cisco IOS XR Software that occurs when a BGP update is generated with an AS_CONFED_SEQUENCE attribute with 255 autonomous system numbers (AS numbers) (CVE-2025-20115, CVSS 8.6) [4]

Vulnerability in Cisco IOS XR Software due to insufficient data validation, which prevents affected devices from processing control plane UDP packets (CVE-2025-20209, CVSS 7.5) [5]

Vulnerability in Cisco IOS XR Software due to insufficient data handling that could cause control plane traffic to crash (CVE-2025-20141, CVSS 7.4) [6]

Vulnerability in Cisco IOS XR Software that allows control of the boot configuration due to incomplete validation of a file in the boot verification process (CVE-2025-20177, CVSS 6.7) [7]

Vulnerability in Cisco IOS XR Software that allows control of the boot configuration due to a lack of module validation in the software load process (CVE-2025-20143, CVSS 6.7) [8]

Vulnerability Patches

Product-specific vulnerability patches were made available in the March 12, 2025 update. Please refer to the ‘Affected Products’ and ‘Fixed Software’ sections of the product-specific information at the Referenced Sites below to apply the patches.

Referenced Sites

[1] Cisco IOS XR Software CLI Privilege Escalation Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-esc-GFQjxvOF

[2] Cisco IOS XR Software for ASR 9000 Series Routers IPv4 Unicast Packets Denial of Service Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipv4uni-LfM3cfBu

[3] Cisco IOS XR Software for ASR 9000 Series Routers Layer 3 Multicast Denial of Service Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-multicast-ERMrSvq7

[4] Cisco IOS XR Software Border Gateway Protocol Confederation Denial of Service Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-bgp-dos-O7stePhX

[5] Cisco IOS XR Software Internet Key Exchange Version 2 Denial of Service Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrike-9wYGpRGq

[6] Cisco IOS XR Software Release 7.9.2 Denial of Service Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr792-bWfVDPY

[7] Cisco IOS XR Software Image Verification Bypass Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-xr-verii-bypass-HhPwQRvx

[8] Cisco IOS XR Software Secure Boot Bypass Vulnerability

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-lkm-zNErZjbZ