CVE-2025-20141

HIGH

Cisco IOS XR 7.9.2 - Unauthenticated Denial of Service via Punted Packet Handling

Title source: llm

Description

A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms.  This vulnerability is due to incorrect handling of packets that are punted to the route processor. An attacker could exploit this vulnerability by sending traffic, which must be handled by the Linux stack on the route processor, to an affected device. A successful exploit could allow the attacker to cause control plane traffic to stop working, resulting in a denial of service (DoS) condition.

References (2)

Core 2

Core References

Product

https://blog.apnic.net/2024/09/02/crafting-endless-as-paths-in-bgp/

Vendor Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr792-bWfVDPY

Scores

CVSS v3 7.4

EPSS 0.0008

EPSS Percentile 23.2%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-770

Status published

Products (1)

cisco/ios_xr 7.9.2

Published Mar 12, 2025

Tracked Since Feb 18, 2026