Cisco has released patches for three critical vulnerabilities in IOS XR software, including issues with image signature verification, ARP processing, and ACL bypass capabilities. These vulnerabilities pose significant risks such as remote code execution, DoS attacks, and ACL bypass, urging immediate application of updates. #IOSXR #CVE20252048 #CVE202520340 #CVE202520159
Keypoints
- Cisco released security patches for three vulnerabilities in IOS XR software.
- The first vulnerability allows bypassing image signature verification, raising its severity to high.
- The second flaw involves ARP traffic processing, which could lead to DoS attacks via traffic overload.
- The third issue permits bypassing ACL protections on SSH, NetConf, and gRPC interfaces.
<li,Cisco recommends applying patches promptly as there have been no reports of exploitation in the wild.
Read More: https://www.securityweek.com/cisco-patches-high-severity-ios-xr-vulnerabilities/