CVE-2023-20135

MEDIUM

Cisco IOS XR 7.5.2-7.6 - Authenticated Remote Code Execution via ISO Image Verification Race Condition

Title source: llm

Description

A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to a time-of-check, time-of-use (TOCTOU) race condition when an install query regarding an ISO image is performed during an install operation that uses an ISO image. An attacker could exploit this vulnerability by modifying an ISO image and then carrying out install requests in parallel. A successful exploit could allow the attacker to execute arbitrary code on an affected device.

References (1)

Core 1

Core References

Vendor Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lnt-L9zOkBz5

Scores

CVSS v3 5.7

EPSS 0.0002

EPSS Percentile 3.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-367 CWE-347

Status published

Products (1)

cisco/ios_xr 7.5.2 - 7.6

Published Sep 13, 2023

Tracked Since Feb 18, 2026