EXECUTIVE SUMMARY:
This advisory covers CVE-2025-20138, a high-severity vulnerability in IOS XR Software. The flaw, rated CVSS 8.8, allows an authenticated local attacker to execute arbitrary commands as the root user on an affected device. It stems from insufficient validation of user-supplied arguments to specific CLI commands, which lets a low-privileged user escalate privileges to root. The vulnerability affects all configurations of IOS XR 64-bit Software. IOS Software, IOS XE Software, IOS XR 32-bit Software, and NX-OS Software are not affected.
RECOMMENDATION:
We recommend that you refer to the link below to apply the IOS XR Software patch:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-esc-GFQjxvOF
REFERENCES:
The following reports contain further technical details:
https://securityonline.info/cisco-issues-high-severity-security-alert-for-ios-xr-software-cve-2025-20138/