Thursday, May 8, 2025
HomeCVE/vulnerabilityCisco Warns of Critical IOS XR Vulnerability Enabling DoS Attacks

Cisco Warns of Critical IOS XR Vulnerability Enabling DoS Attacks

Published on

SIEM as a Service

Follow Us on Google News

Cisco has issued a security advisory warning of a vulnerability in its IOS XR Software that could allow attackers to launch denial-of-service (DoS) attacks.

 The vulnerability, identified as CVE-2025-20115, affects the Border Gateway Protocol (BGP) confederation implementation.

The CVE-2025-20115 vulnerability affects the Border Gateway Protocol (BGP) confederation implementation in Cisco IOS XR Software, potentially allowing an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition.

- Advertisement - Google News

Overview of the vulnerability

This vulnerability arises from a memory corruption issue that occurs when a BGP update contains an AS_CONFED_SEQUENCE attribute with 255 or more autonomous system numbers.

An attacker could exploit this vulnerability by sending crafted BGP update messages or by configuring the network in such a way that the AS_CONFED_SEQUENCE attribute grows to 255 AS numbers or more.

To exploit the vulnerability, an attacker must either control a BGP confederation speaker within the same autonomous system as the target or engineer the network to meet this specific AS path length condition.

A successful exploit can lead to memory corruption, potentially causing the BGP process to restart, which results in a DoS condition and disrupts network operations.

The vulnerability has a CVSS score of 8.6 based on CVSS:3.1 and aligns with CWE-120, Buffer Copy without Checking Size of Data.

Affected Product

ProductCVEAdvisory Link
Cisco IOS XR SoftwareCVE-2025-20115Cisco Security Advisory

To exploit this vulnerability, an attacker must either control a BGP confederation speaker within the same autonomous system as the target or engineer the network so that the AS_CONFED_SEQUENCE attribute grows to 255 AS numbers or more.

This highlights the risk of network design contributing to vulnerability.

Cisco has released software updates to address this issue. Additionally, a workaround is available by implementing a routing policy to restrict the BGP AS path length to 254 AS numbers or fewer.

While this workaround has been tested and proven effective, customers should evaluate its applicability and potential impact on their specific network environment.

This vulnerability underscores the importance of regular software updates and network configuration reviews.

Customers are advised to consult with Cisco’s technical support for tailored advice and to ensure that any updates or workarounds are suitable for their specific setup.

Are you from SOC/DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free. 

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Microsoft Bookings Vulnerability Allows Unauthorized Changes to Meeting Details

Security researchers have uncovered a significant vulnerability in Microsoft Bookings, the scheduling tool integrated...

Nmap 7.96 Released with Enhanced Scanning Capabilities and Updated Libraries

The popular network mapping and security auditing tool Nmap has released version 7.96, featuring...

Cisco IOS XE Vulnerability Allows Attackers to Gain Elevated Privileges

Cisco has issued an urgent security advisory (ID: cisco-sa-iosxe-privesc-su7scvdp) following the discovery of multiple...

Cisco IOS, XE, and XR Vulnerability Allows Remote Device Reboots

 Cisco has issued an urgent security advisory (cisco-sa-twamp-kV4FHugn) warning of a critical vulnerability in...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Microsoft Bookings Vulnerability Allows Unauthorized Changes to Meeting Details

Security researchers have uncovered a significant vulnerability in Microsoft Bookings, the scheduling tool integrated...

Nmap 7.96 Released with Enhanced Scanning Capabilities and Updated Libraries

The popular network mapping and security auditing tool Nmap has released version 7.96, featuring...

Cisco IOS XE Vulnerability Allows Attackers to Gain Elevated Privileges

Cisco has issued an urgent security advisory (ID: cisco-sa-iosxe-privesc-su7scvdp) following the discovery of multiple...