CVE-2025-20141

Published: Mar 12, 2025Modified: Aug 6, 2025

7.4

Vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 4.0

Source: psirt@cisco.com (Secondary)

Description

A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms.  This vulnerability is due to incorrect handling of packets that are punted to the route processor. An attacker could exploit this vulnerability by sending traffic, which must be handled by the Linux stack on the route processor, to an affected device. A successful exploit could allow the attacker to cause control plane traffic to stop working, resulting in a denial of service (DoS) condition.

Affected (1)

Products: Cisco: Ios Xr

Cisco

1 product

Ios Xr

Configuration A

1 vulnerable · 46 platform

Vulnerable Software	Affected Versions
Cisco Ios Xr	Version 7.9.2

Running on/with	Platform Versions
Cisco Ncs 540 12z20g Sys A	All versions
Cisco Ncs 540 12z20g Sys D	All versions
Cisco Ncs 540 24q2c2dd Sys	All versions
Cisco Ncs 540 24q8l2dd Sys	All versions
Cisco Ncs 540 24z8q2c Sys	All versions
Cisco Ncs 540 28z4c Sys A	All versions
Cisco Ncs 540 28z4c Sys D	All versions
Cisco Ncs 540 6z14s Sys D	All versions
Cisco Ncs 540 6z18g Sys A	All versions
Cisco Ncs 540 6z18g Sys D	All versions
Cisco Ncs 540 Acc Sys	All versions
Cisco Ncs 540 Fh Agg	All versions
Cisco Ncs 540 Fh Csr Sys	All versions
Cisco Ncs 540x 12z16g Sys A	All versions
Cisco Ncs 540x 12z16g Sys D	All versions
Cisco Ncs 540x 16z4g8q2c A	All versions
Cisco Ncs 540x 16z4g8q2c D	All versions
Cisco Ncs 540x 16z8q2c D	All versions
Cisco Ncs 540x 4z14g2q A	All versions
Cisco Ncs 540x 4z14g2q D	All versions
Cisco Ncs 540x 6z18g Sys A	All versions
Cisco Ncs 540x 6z18g Sys D	All versions
Cisco Ncs 540x 8z16g Sys A	All versions
Cisco Ncs 540x 8z16g Sys D	All versions
Cisco Ncs 540x Acc Sys	All versions
Cisco Ncs 5501	All versions
Cisco Ncs 5501 Se	All versions
Cisco Ncs 5502	All versions
Cisco Ncs 5502 Se	All versions
Cisco Ncs 5504	All versions
Cisco Ncs 5508	All versions
Cisco Ncs 5516	All versions
Cisco Ncs 55a1 24h	All versions
Cisco Ncs 55a1 24q6h S	All versions
Cisco Ncs 55a1 24q6h Ss	All versions
Cisco Ncs 55a1 36h	All versions
Cisco Ncs 55a1 36h Se	All versions
Cisco Ncs 55a1 48q6h	All versions
Cisco Ncs 55a2 Mod Hd S	All versions
Cisco Ncs 55a2 Mod S	All versions
Cisco Ncs 55a2 Mod Se S	All versions
Cisco Ncs 57b1 5dse Sys	All versions
Cisco Ncs 57b1 6d24 Sys	All versions
Cisco Ncs 57c1 48q6 Sys	All versions
Cisco Ncs 57c3 Mod Sys	All versions
Cisco Ncs 57d2 18dd Sys	All versions

Related CWEs

CWE-770

Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

References (2)

https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/

Source: psirt@cisco.com

Product

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr792-bWfVDPY

Source: psirt@cisco.com

Vendor Advisory

Timeline

No history available yet.