CVE-2025-20137

Severity: Medium (CVSS 3.1 base score 4.7) · EPSS 13.5%
Published May 7, 2025 · Last Modified Jun 17, 2026

Description

A vulnerability in the access control list (ACL) programming of Cisco IOS Software that is running on Cisco Catalyst 1000 Switches and Cisco Catalyst 2960L Switches could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to the use of both an IPv4 ACL and a dynamic ACL of IP Source Guard on the same interface, which is an unsupported configuration. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device. Note: Cisco documentation has been updated to reflect that this is an unsupported configuration. However, Cisco is publishing this advisory because the device will not prevent an administrator from configuring both features on the same interface. There are no plans to implement the ability to configure both features on the same interface on Cisco Catalyst 1000 or Catalyst 2960L Switches.

CVSS Details

Base Score: 4.7
Exploitability: 2.8
Impact: 1.4
Vector string: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Attack Vector: Adjacent
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Changed
Confidentiality: None
Integrity: Low
Availability: None

Threat Intelligence

EPSS Exploit Probability: 13.5% percentile
Exploit & Patch Status: No Known Exploit, No Patch Available

Weaknesses 1

CWE-284

Affected Products 75

Vendor  Product                    Version      Range
cisco   ios                        15.2(5a)e    any
cisco   ios                        15.2(5b)e    any
cisco   ios                        15.2(5c)e    any
cisco   ios                        15.2(6)e     any
cisco   ios                        15.2(6)e0c   any
cisco   ios                        15.2(6)e1    any
cisco   ios                        15.2(6)e2    any
cisco   ios                        15.2(6)e2b   any
cisco   ios                        15.2(6)e3    any
cisco   ios                        15.2(7)e     any
cisco   ios                        15.2(7)e0a   any
cisco   ios                        15.2(7)e0s   any
cisco   ios                        15.2(7)e1    any
cisco   ios                        15.2(7)e1a   any
cisco   ios                        15.2(7)e2    any
cisco   ios                        15.2(7)e3    any
cisco   ios                        15.2(7)e3k   any
cisco   ios                        15.2(7)e4    any
cisco   ios                        15.2(7)e5    any
cisco   ios                        15.2(7)e6    any
cisco   ios                        15.2(7)e7    any
cisco   ios                        15.2(7)e8    any
cisco   ios                        15.2(7)e9    any
cisco   ios                        15.2(7)e10   any
cisco   ios                        15.2(7)e11   any
cisco   ios                        15.2(7)e12   any
cisco   ios                        15.2(7a)e0b  any
cisco   ios                        15.2(7b)e0b  any
cisco   ios                        15.2(8)e     any
cisco   ios                        15.2(8)e1    any
cisco   ios                        15.2(8)e2    any
cisco   ios                        15.2(8)e3    any
cisco   ios                        15.2(8)e4    any
cisco   ios                        15.2(8)e5    any
cisco   ios                        15.2(8)e6    any
cisco   catalyst_1000-16fp-2g-l    *            any
cisco   catalyst_1000-16p-2g-l     *            any
cisco   catalyst_1000-16t-2g-l     *            any
cisco   catalyst_1000-16t-e-2g-l   *            any
cisco   catalyst_1000-24fp-4g-l    *            any
cisco   catalyst_1000-24fp-4x-l    *            any
cisco   catalyst_1000-24p-4g-l     *            any
cisco   catalyst_1000-24p-4x-l     *            any
cisco   catalyst_1000-24pp-4g-l    *            any
cisco   catalyst_1000-24t-4g-l     *            any
cisco   catalyst_1000-24t-4x-l     *            any
cisco   catalyst_1000-48fp-4g-l    *            any
cisco   catalyst_1000-48fp-4x-l    *            any
cisco   catalyst_1000-48p-4g-l     *            any
cisco   catalyst_1000-48p-4x-l     *            any
cisco   catalyst_1000-48pp-4g-l    *            any
cisco   catalyst_1000-48t-4g-l     *            any
cisco   catalyst_1000-48t-4x-l     *            any
cisco   catalyst_1000-8fp-2g-l     *            any
cisco   catalyst_1000-8fp-e-2g-l   *            any
cisco   catalyst_1000-8p-2g-l      *            any
cisco   catalyst_1000-8p-e-2g-l    *            any
cisco   catalyst_1000-8t-2g-l      *            any
cisco   catalyst_1000-8t-e-2g-l    *            any
cisco   catalyst_1000fe-24p-4g-l   *            any
cisco   catalyst_1000fe-24t-4g-l   *            any
cisco   catalyst_1000fe-48p-4g-l   *            any
cisco   catalyst_1000fe-48t-4g-l   *            any
cisco   catalyst_2960l-16ps-ll     *            any
cisco   catalyst_2960l-16ts-ll     *            any
cisco   catalyst_2960l-24pq-ll     *            any
cisco   catalyst_2960l-24ps-ll     *            any
cisco   catalyst_2960l-24tq-ll     *            any
cisco   catalyst_2960l-24ts-ll     *            any
cisco   catalyst_2960l-48pq-ll     *            any
cisco   catalyst_2960l-48ps-ll     *            any
cisco   catalyst_2960l-48tq-ll     *            any
cisco   catalyst_2960l-48ts-ll     *            any
cisco   catalyst_2960l-8ps-ll      *            any
cisco   catalyst_2960l-8ts-ll      *            any

References 1

  • sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ipsgacl-pg6qfZk
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.