CVE-2025-20340

HIGH

Cisco IOS XR Software - Unauthenticated Denial of Service via ARP Broadcast Storm

Title source: llm

Description

A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a broadcast storm, leading to a denial of service (DoS) condition on an affected device. This vulnerability is due to how Cisco IOS XR Software processes a high, sustained rate of ARP traffic hitting the management interface. Under certain conditions, an attacker could exploit this vulnerability by sending an excessive amount of traffic to the management interface of an affected device, overwhelming its ARP processing capabilities. A successful exploit could result in degraded device performance, loss of management connectivity, and complete unresponsiveness of the system, leading to a DoS condition.

Scores

CVSS v3 7.4
EPSS 0.0003
EPSS Percentile 10.7%
Attack Vector ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-400
Status published
Products (50)
Cisco/Cisco IOS XR Software 24.1.1
Cisco/Cisco IOS XR Software 24.1.2
Cisco/Cisco IOS XR Software 24.2.1
Cisco/Cisco IOS XR Software 24.2.11
Cisco/Cisco IOS XR Software 24.2.2
Cisco/Cisco IOS XR Software 24.2.20
Cisco/Cisco IOS XR Software 24.3.1
Cisco/Cisco IOS XR Software 24.3.2
Cisco/Cisco IOS XR Software 24.3.20
Cisco/Cisco IOS XR Software 24.3.30
... and 40 more
Published Sep 10, 2025
Tracked Since Feb 18, 2026