CVE-2025-20144

MEDIUM EPSS 23.9%
Published Mar 12, 2025 1y ago · Modified Jun 17, 2026 1w ago
5.8 CVSS 3.1
Medium

Description

A vulnerability in the hybrid access control list (ACL) processing of IPv4 packets in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incorrect handling of packets when a specific configuration of the hybrid ACL exists. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass a configured ACL on the affected device. For more information, see the section of this advisory. Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

CVSS Details

Base Score
5.8
Exploitability
3.9
Impact
1.4
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Changed
Confidentiality None
Integrity Low
Availability None

Threat Intelligence

EPSS Exploit Probability
23.9% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-284

Affected Products 81

Vendor  Product                 Version  Range
cisco   ios_xr                  6.5.1    any
cisco   ios_xr                  6.5.2    any
cisco   ios_xr                  6.5.3    any
cisco   ios_xr                  6.5.92   any
cisco   ios_xr                  6.5.93   any
cisco   ios_xr                  6.6.1    any
cisco   ios_xr                  6.6.2    any
cisco   ios_xr                  6.6.3    any
cisco   ios_xr                  6.6.4    any
cisco   ios_xr                  6.6.25   any
cisco   ios_xr                  7.0.1    any
cisco   ios_xr                  7.0.2    any
cisco   ios_xr                  7.0.90   any
cisco   ios_xr                  7.1.1    any
cisco   ios_xr                  7.1.2    any
cisco   ios_xr                  7.2.1    any
cisco   ios_xr                  7.2.2    any
cisco   ios_xr                  7.3.1    any
cisco   ios_xr                  7.3.2    any
cisco   ios_xr                  7.3.3    any
cisco   ios_xr                  7.3.4    any
cisco   ios_xr                  7.3.5    any
cisco   ios_xr                  7.3.6    any
cisco   ios_xr                  7.4.1    any
cisco   ios_xr                  7.4.2    any
cisco   ios_xr                  7.5.1    any
cisco   ios_xr                  7.5.2    any
cisco   ios_xr                  7.5.3    any
cisco   ios_xr                  7.5.4    any
cisco   ios_xr                  7.5.5    any
cisco   ios_xr                  7.6.1    any
cisco   ios_xr                  7.6.2    any
cisco   ios_xr                  7.7.1    any
cisco   ios_xr                  7.7.2    any
cisco   ios_xr                  7.7.21   any
cisco   ios_xr                  7.8.1    any
cisco   ios_xr                  7.8.2    any
cisco   ios_xr                  7.8.22   any
cisco   ios_xr                  7.9.1    any
cisco   ios_xr                  7.9.2    any
cisco   ios_xr                  7.10.1   any
cisco   ios_xr                  7.10.2   any
cisco   ios_xr                  7.11.1   any
cisco   ncs_540-12z20g-sys-a    *        any
cisco   ncs_540-12z20g-sys-d    *        any
cisco   ncs_540-24q2c2dd-sys    *        any
cisco   ncs_540-24q8l2dd-sys    *        any
cisco   ncs_540-24z8q2c-sys     *        any
cisco   ncs_540-28z4c-sys-a     *        any
cisco   ncs_540-28z4c-sys-d     *        any
cisco   ncs_540-6z14s-sys-d     *        any
cisco   ncs_540-6z18g-sys-a     *        any
cisco   ncs_540-6z18g-sys-d     *        any
cisco   ncs_540-acc-sys         *        any
cisco   ncs_540-fh-agg          *        any
cisco   ncs_540-fh-csr-sys      *        any
cisco   ncs_540x-12z16g-sys-a   *        any
cisco   ncs_540x-12z16g-sys-d   *        any
cisco   ncs_540x-16z4g8q2c-a    *        any
cisco   ncs_540x-16z4g8q2c-d    *        any
cisco   ncs_540x-16z8q2c-d      *        any
cisco   ncs_540x-4z14g2q-a      *        any
cisco   ncs_540x-4z14g2q-d      *        any
cisco   ncs_540x-6z18g-sys-a    *        any
cisco   ncs_540x-6z18g-sys-d    *        any
cisco   ncs_540x-8z16g-sys-a    *        any
cisco   ncs_540x-8z16g-sys-d    *        any
cisco   ncs_540x-acc-sys        *        any
cisco   ncs_5501                *        any
cisco   ncs_5501-se             *        any
cisco   ncs_5502                *        any
cisco   ncs_5502-se             *        any
cisco   ncs_5508                *        any
cisco   ncs_5516                *        any
cisco   ncs_560-4               *        any
cisco   ncs_560-7               *        any
cisco   ncs_57b1-5dse-sys       *        any
cisco   ncs_57b1-6d24-sys       *        any
cisco   ncs_57c1-48q6-sys       *        any
cisco   ncs_57c3-mod-sys        *        any
cisco   ncs_57d2-18dd-sys       *        any

References 2

  • blog.apnic.net https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/
    Technical Description
  • sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ncs-hybridacl-crMZFfKQ
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.