Sunday, May 25, 2025
HomeCVE/vulnerabilityCisco Warns of Critical IOS XR Vulnerability Enabling DoS Attacks

Cisco Warns of Critical IOS XR Vulnerability Enabling DoS Attacks

Published on

SIEM as a Service

Follow Us on Google News

Cisco has issued a security advisory warning of a vulnerability in its IOS XR Software that could allow attackers to launch denial-of-service (DoS) attacks.

 The vulnerability, identified as CVE-2025-20115, affects the Border Gateway Protocol (BGP) confederation implementation.

The CVE-2025-20115 vulnerability affects the Border Gateway Protocol (BGP) confederation implementation in Cisco IOS XR Software, potentially allowing an unauthenticated, remote attacker to cause a denial-of-service (DoS) condition.

- Advertisement - Google News

Overview of the vulnerability

This vulnerability arises from a memory corruption issue that occurs when a BGP update contains an AS_CONFED_SEQUENCE attribute with 255 or more autonomous system numbers.

An attacker could exploit this vulnerability by sending crafted BGP update messages or by configuring the network in such a way that the AS_CONFED_SEQUENCE attribute grows to 255 AS numbers or more.

To exploit the vulnerability, an attacker must either control a BGP confederation speaker within the same autonomous system as the target or engineer the network to meet this specific AS path length condition.

A successful exploit can lead to memory corruption, potentially causing the BGP process to restart, which results in a DoS condition and disrupts network operations.

The vulnerability has a CVSS score of 8.6 based on CVSS:3.1 and aligns with CWE-120, Buffer Copy without Checking Size of Data.

Affected Product

ProductCVEAdvisory Link
Cisco IOS XR SoftwareCVE-2025-20115Cisco Security Advisory

To exploit this vulnerability, an attacker must either control a BGP confederation speaker within the same autonomous system as the target or engineer the network so that the AS_CONFED_SEQUENCE attribute grows to 255 AS numbers or more.

This highlights the risk of network design contributing to vulnerability.

Cisco has released software updates to address this issue. Additionally, a workaround is available by implementing a routing policy to restrict the BGP AS path length to 254 AS numbers or fewer.

While this workaround has been tested and proven effective, customers should evaluate its applicability and potential impact on their specific network environment.

This vulnerability underscores the importance of regular software updates and network configuration reviews.

Customers are advised to consult with Cisco’s technical support for tailored advice and to ensure that any updates or workarounds are suitable for their specific setup.

Are you from SOC/DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Start Now for Free. 

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to...

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code...

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager...

Hackers Target macOS Users with Fake Ledger Apps to Deploy Malware

Hackers are increasingly targeting macOS users with malicious clones of Ledger Live, the popular...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Zero-Trust Policy Bypass Enables Exploitation of Vulnerabilities and Manipulation of NHI Secrets

A new project has exposed a critical attack vector that exploits protocol vulnerabilities to...

Threat Actor Sells Burger King Backup System RCE Vulnerability for $4,000

A threat actor known as #LongNight has reportedly put up for sale remote code...

Chinese Nexus Hackers Exploit Ivanti Endpoint Manager Mobile Vulnerability

Ivanti disclosed two critical vulnerabilities, identified as CVE-2025-4427 and CVE-2025-4428, affecting Ivanti Endpoint Manager...