CVE-2025-20181

MEDIUM

Cisco IOS - Code Injection

Title source: llm

Description

A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to missing signature verification for specific files that may be loaded during the device boot process. An attacker could exploit this vulnerability by placing a crafted file into a specific location on an affected device. A successful exploit could allow the attacker to execute arbitrary code at boot time. Because this allows the attacker to bypass a major security feature of the device, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High.

References (1)

[Vendor Advisory] https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-c2960-3560-sboot-ZtqADrHq

Scores

CVSS v3 6.8

EPSS 0.0011

EPSS Percentile 28.3%

Attack Vector PHYSICAL

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-347

Status published

Products (50)

cisco/ios 15.0\(1\)ex

cisco/ios 15.0\(1\)ey

cisco/ios 15.0\(1\)ey1

cisco/ios 15.0\(1\)ey2

cisco/ios 15.0\(1\)xo

cisco/ios 15.0\(1\)xo1

cisco/ios 15.0\(2\)ex

cisco/ios 15.0\(2\)ex1

cisco/ios 15.0\(2\)ex2

cisco/ios 15.0\(2\)ex3

... and 40 more

Published May 07, 2025

Tracked Since Feb 18, 2026