Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2025-2128
Vulnerability from csaf_certbund - Published: 2025-09-24 22:00 - Updated: 2025-09-24 22:00Summary
Cisco IOS XE: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Cisco Internetwork Operating System (IOS) ist ein Betriebssystem, das für Cisco Geräte wie z. B. Router und Switches eingesetzt wird.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Cisco IOS XE ausnutzen, um Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsmaßnahmen zu umgehen.
Betroffene Betriebssysteme
- CISCO Appliance
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Cisco Internetwork Operating System (IOS) ist ein Betriebssystem, das f\u00fcr Cisco Ger\u00e4te wie z. B. Router und Switches eingesetzt wird.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Cisco IOS XE ausnutzen, um Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen und Sicherheitsma\u00dfnahmen zu umgehen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- CISCO Appliance",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-2128 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-2128.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-2128 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-2128"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-9800cl-openscep-SB4xtxzP vom 2025-09-24",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-9800cl-openscep-SB4xtxzP"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-cat9k-PtmD7bgy vom 2025-09-24",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cat9k-PtmD7bgy"
},
{
"category": "external",
"summary": "Cisco Security Advisory cisco-sa-cat9k-acl-L4K7VXgD vom 2025-09-24",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cat9k-acl-L4K7VXgD"
}
],
"source_lang": "en-US",
"title": "Cisco IOS XE: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-09-24T22:00:00.000+00:00",
"generator": {
"date": "2025-09-25T10:06:16.184+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-2128",
"initial_release_date": "2025-09-24T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-09-24T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "Catalyst 9800 Wireless Controllers for Cloud",
"product": {
"name": "Cisco IOS XE Catalyst 9800 Wireless Controllers for Cloud",
"product_id": "T047166",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:ios_xe:catalyst_9800_wireless_controllers_for_cloud"
}
}
},
{
"category": "product_version",
"name": "Catalyst 9000 Switches",
"product": {
"name": "Cisco IOS XE Catalyst 9000 Switches",
"product_id": "T047167",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:ios_xe:catalyst_9000_switches"
}
}
},
{
"category": "product_version",
"name": "Catalyst 9500X and 9600X Switches",
"product": {
"name": "Cisco IOS XE Catalyst 9500X and 9600X Switches",
"product_id": "T047168",
"product_identification_helper": {
"cpe": "cpe:/o:cisco:ios_xe:catalyst_9500x_and_9600x_switches"
}
}
}
],
"category": "product_name",
"name": "IOS XE"
}
],
"category": "vendor",
"name": "Cisco"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-20293",
"product_status": {
"known_affected": [
"T047166"
]
},
"release_date": "2025-09-24T22:00:00.000+00:00",
"title": "CVE-2025-20293"
},
{
"cve": "CVE-2025-20311",
"product_status": {
"known_affected": [
"T047167"
]
},
"release_date": "2025-09-24T22:00:00.000+00:00",
"title": "CVE-2025-20311"
},
{
"cve": "CVE-2025-20316",
"product_status": {
"known_affected": [
"T047168"
]
},
"release_date": "2025-09-24T22:00:00.000+00:00",
"title": "CVE-2025-20316"
}
]
}
CVE-2025-20293 (GCVE-0-2025-20293)
Vulnerability from cvelistv5 – Published: 2025-09-24 17:15 – Updated: 2025-09-24 17:31
VLAI?
EPSS
Summary
A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud (9800-CL) could allow an unauthenticated, remote attacker to access the public-key infrastructure (PKI) server that is running on an affected device.
This vulnerability is due to incomplete cleanup upon completion of the Day One setup process. An attacker could exploit this vulnerability by sending Simple Certificate Enrollment Protocol (SCEP) requests to an affected device. A successful exploit could allow the attacker to request a certificate from the virtual wireless controller and then use the acquired certificate to join an attacker-controlled device to the virtual wireless controller.
Severity ?
5.3 (Medium)
CWE
- CWE-459 - Incomplete Cleanup
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE Software |
Affected:
16.10.1
Affected: 16.10.1s Affected: 16.10.1e Affected: 16.11.1 Affected: 16.11.1a Affected: 16.11.1b Affected: 16.12.1 Affected: 16.12.1s Affected: 16.12.3 Affected: 16.12.8 Affected: 16.12.2s Affected: 16.12.1t Affected: 16.12.4 Affected: 16.12.3s Affected: 16.12.4a Affected: 16.12.5 Affected: 16.12.6 Affected: 16.12.6a Affected: 16.12.7 Affected: 17.1.1 Affected: 17.1.1s Affected: 17.1.1t Affected: 17.1.3 Affected: 17.2.1 Affected: 17.2.1a Affected: 17.3.1 Affected: 17.3.2 Affected: 17.3.3 Affected: 17.3.2a Affected: 17.3.4 Affected: 17.3.5 Affected: 17.3.6 Affected: 17.3.4c Affected: 17.3.5a Affected: 17.3.5b Affected: 17.3.7 Affected: 17.3.8 Affected: 17.3.8a Affected: 17.4.1 Affected: 17.5.1 Affected: 17.6.1 Affected: 17.6.2 Affected: 17.6.3 Affected: 17.6.4 Affected: 17.6.5 Affected: 17.6.6 Affected: 17.6.6a Affected: 17.6.5a Affected: 17.6.7 Affected: 17.6.8 Affected: 17.7.1 Affected: 17.10.1 Affected: 17.8.1 Affected: 17.9.1 Affected: 17.9.2 Affected: 17.9.3 Affected: 17.9.4 Affected: 17.9.4a Affected: 17.11.1 Affected: 17.12.1 Affected: 17.12.2 Affected: 17.13.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20293",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-24T17:31:16.493161Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T17:31:27.798Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "16.10.1"
},
{
"status": "affected",
"version": "16.10.1s"
},
{
"status": "affected",
"version": "16.10.1e"
},
{
"status": "affected",
"version": "16.11.1"
},
{
"status": "affected",
"version": "16.11.1a"
},
{
"status": "affected",
"version": "16.11.1b"
},
{
"status": "affected",
"version": "16.12.1"
},
{
"status": "affected",
"version": "16.12.1s"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "16.12.8"
},
{
"status": "affected",
"version": "16.12.2s"
},
{
"status": "affected",
"version": "16.12.1t"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "16.12.3s"
},
{
"status": "affected",
"version": "16.12.4a"
},
{
"status": "affected",
"version": "16.12.5"
},
{
"status": "affected",
"version": "16.12.6"
},
{
"status": "affected",
"version": "16.12.6a"
},
{
"status": "affected",
"version": "16.12.7"
},
{
"status": "affected",
"version": "17.1.1"
},
{
"status": "affected",
"version": "17.1.1s"
},
{
"status": "affected",
"version": "17.1.1t"
},
{
"status": "affected",
"version": "17.1.3"
},
{
"status": "affected",
"version": "17.2.1"
},
{
"status": "affected",
"version": "17.2.1a"
},
{
"status": "affected",
"version": "17.3.1"
},
{
"status": "affected",
"version": "17.3.2"
},
{
"status": "affected",
"version": "17.3.3"
},
{
"status": "affected",
"version": "17.3.2a"
},
{
"status": "affected",
"version": "17.3.4"
},
{
"status": "affected",
"version": "17.3.5"
},
{
"status": "affected",
"version": "17.3.6"
},
{
"status": "affected",
"version": "17.3.4c"
},
{
"status": "affected",
"version": "17.3.5a"
},
{
"status": "affected",
"version": "17.3.5b"
},
{
"status": "affected",
"version": "17.3.7"
},
{
"status": "affected",
"version": "17.3.8"
},
{
"status": "affected",
"version": "17.3.8a"
},
{
"status": "affected",
"version": "17.4.1"
},
{
"status": "affected",
"version": "17.5.1"
},
{
"status": "affected",
"version": "17.6.1"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.6.3"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.6.5"
},
{
"status": "affected",
"version": "17.6.6"
},
{
"status": "affected",
"version": "17.6.6a"
},
{
"status": "affected",
"version": "17.6.5a"
},
{
"status": "affected",
"version": "17.6.7"
},
{
"status": "affected",
"version": "17.6.8"
},
{
"status": "affected",
"version": "17.7.1"
},
{
"status": "affected",
"version": "17.10.1"
},
{
"status": "affected",
"version": "17.8.1"
},
{
"status": "affected",
"version": "17.9.1"
},
{
"status": "affected",
"version": "17.9.2"
},
{
"status": "affected",
"version": "17.9.3"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.9.4a"
},
{
"status": "affected",
"version": "17.11.1"
},
{
"status": "affected",
"version": "17.12.1"
},
{
"status": "affected",
"version": "17.12.2"
},
{
"status": "affected",
"version": "17.13.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the Day One setup process of Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers for Cloud (9800-CL) could allow an unauthenticated, remote attacker to access the public-key infrastructure (PKI) server that is running on an affected device.\r\n\r This vulnerability is due to incomplete cleanup upon completion of the Day One setup process. An attacker could exploit this vulnerability by sending Simple Certificate Enrollment Protocol (SCEP) requests to an affected device. A successful exploit could allow the attacker to request a certificate from the virtual wireless controller and then use the acquired certificate to join an attacker-controlled device to the virtual wireless controller."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-459",
"description": "Incomplete Cleanup",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T17:15:19.849Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-9800cl-openscep-SB4xtxzP",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-9800cl-openscep-SB4xtxzP"
}
],
"source": {
"advisory": "cisco-sa-9800cl-openscep-SB4xtxzP",
"defects": [
"CSCwh91048"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20293",
"datePublished": "2025-09-24T17:15:19.849Z",
"dateReserved": "2024-10-10T19:15:13.251Z",
"dateUpdated": "2025-09-24T17:31:27.798Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20311 (GCVE-0-2025-20311)
Vulnerability from cvelistv5 – Published: 2025-09-24 17:12 – Updated: 2025-09-30 14:28
VLAI?
EPSS
Summary
A vulnerability in the handling of certain Ethernet frames in Cisco IOS XE Software for Catalyst 9000 Series Switches could allow an unauthenticated, adjacent attacker to cause an egress port to become blocked and drop all outbound traffic.
This vulnerability is due to improper handling of crafted Ethernet frames. An attacker could exploit this vulnerability by sending crafted Ethernet frames through an affected switch. A successful exploit could allow the attacker to cause the egress port to which the crafted frame is forwarded to start dropping all frames, resulting in a denial of service (DoS) condition.
Severity ?
7.4 (High)
CWE
- CWE-19 - Data Handling
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE Software |
Affected:
16.6.1
Affected: 16.6.2 Affected: 16.6.3 Affected: 16.6.4 Affected: 16.6.5 Affected: 16.6.4a Affected: 16.6.6 Affected: 16.6.7 Affected: 16.6.8 Affected: 16.6.9 Affected: 16.6.10 Affected: 16.7.1 Affected: 16.8.1 Affected: 16.8.1a Affected: 16.8.1s Affected: 16.9.1 Affected: 16.9.2 Affected: 16.9.1s Affected: 16.9.3 Affected: 16.9.4 Affected: 16.9.5 Affected: 16.9.6 Affected: 16.9.7 Affected: 16.9.8 Affected: 16.10.1 Affected: 16.10.1s Affected: 16.10.1e Affected: 16.11.1 Affected: 16.11.1b Affected: 16.11.1s Affected: 16.12.1 Affected: 16.12.1s Affected: 16.12.1c Affected: 16.12.2 Affected: 16.12.3 Affected: 16.12.8 Affected: 16.12.2s Affected: 16.12.4 Affected: 16.12.3s Affected: 16.12.3a Affected: 16.12.4a Affected: 16.12.5 Affected: 16.12.6 Affected: 16.12.5b Affected: 16.12.6a Affected: 16.12.7 Affected: 16.12.14 Affected: 17.1.1 Affected: 17.1.1s Affected: 17.1.1t Affected: 17.1.3 Affected: 17.2.1 Affected: 17.2.1a Affected: 17.3.1 Affected: 17.3.2 Affected: 17.3.3 Affected: 17.3.2a Affected: 17.3.4 Affected: 17.3.5 Affected: 17.3.6 Affected: 17.3.4b Affected: 17.3.7 Affected: 17.3.8 Affected: 17.3.8a Affected: 17.4.1 Affected: 17.5.1 Affected: 17.6.1 Affected: 17.6.2 Affected: 17.6.3 Affected: 17.6.1y Affected: 17.6.4 Affected: 17.6.5 Affected: 17.6.6 Affected: 17.6.6a Affected: 17.6.5a Affected: 17.6.7 Affected: 17.6.8 Affected: 17.7.1 Affected: 17.10.1 Affected: 17.10.1b Affected: 17.8.1 Affected: 17.9.1 Affected: 17.9.2 Affected: 17.9.3 Affected: 17.9.4 Affected: 17.9.5 Affected: 17.9.4a Affected: 17.9.6 Affected: 17.9.6a Affected: 17.11.1 Affected: 17.12.1 Affected: 17.12.2 Affected: 17.12.3 Affected: 17.12.4 Affected: 17.12.1z3 Affected: 17.13.1 Affected: 17.14.1 Affected: 17.11.99SW Affected: 17.15.1 Affected: 17.15.2 Affected: 17.15.2a Affected: 17.15.2b Affected: 17.16.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20311",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-24T18:07:27.423618Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T18:07:39.867Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "16.6.1"
},
{
"status": "affected",
"version": "16.6.2"
},
{
"status": "affected",
"version": "16.6.3"
},
{
"status": "affected",
"version": "16.6.4"
},
{
"status": "affected",
"version": "16.6.5"
},
{
"status": "affected",
"version": "16.6.4a"
},
{
"status": "affected",
"version": "16.6.6"
},
{
"status": "affected",
"version": "16.6.7"
},
{
"status": "affected",
"version": "16.6.8"
},
{
"status": "affected",
"version": "16.6.9"
},
{
"status": "affected",
"version": "16.6.10"
},
{
"status": "affected",
"version": "16.7.1"
},
{
"status": "affected",
"version": "16.8.1"
},
{
"status": "affected",
"version": "16.8.1a"
},
{
"status": "affected",
"version": "16.8.1s"
},
{
"status": "affected",
"version": "16.9.1"
},
{
"status": "affected",
"version": "16.9.2"
},
{
"status": "affected",
"version": "16.9.1s"
},
{
"status": "affected",
"version": "16.9.3"
},
{
"status": "affected",
"version": "16.9.4"
},
{
"status": "affected",
"version": "16.9.5"
},
{
"status": "affected",
"version": "16.9.6"
},
{
"status": "affected",
"version": "16.9.7"
},
{
"status": "affected",
"version": "16.9.8"
},
{
"status": "affected",
"version": "16.10.1"
},
{
"status": "affected",
"version": "16.10.1s"
},
{
"status": "affected",
"version": "16.10.1e"
},
{
"status": "affected",
"version": "16.11.1"
},
{
"status": "affected",
"version": "16.11.1b"
},
{
"status": "affected",
"version": "16.11.1s"
},
{
"status": "affected",
"version": "16.12.1"
},
{
"status": "affected",
"version": "16.12.1s"
},
{
"status": "affected",
"version": "16.12.1c"
},
{
"status": "affected",
"version": "16.12.2"
},
{
"status": "affected",
"version": "16.12.3"
},
{
"status": "affected",
"version": "16.12.8"
},
{
"status": "affected",
"version": "16.12.2s"
},
{
"status": "affected",
"version": "16.12.4"
},
{
"status": "affected",
"version": "16.12.3s"
},
{
"status": "affected",
"version": "16.12.3a"
},
{
"status": "affected",
"version": "16.12.4a"
},
{
"status": "affected",
"version": "16.12.5"
},
{
"status": "affected",
"version": "16.12.6"
},
{
"status": "affected",
"version": "16.12.5b"
},
{
"status": "affected",
"version": "16.12.6a"
},
{
"status": "affected",
"version": "16.12.7"
},
{
"status": "affected",
"version": "16.12.14"
},
{
"status": "affected",
"version": "17.1.1"
},
{
"status": "affected",
"version": "17.1.1s"
},
{
"status": "affected",
"version": "17.1.1t"
},
{
"status": "affected",
"version": "17.1.3"
},
{
"status": "affected",
"version": "17.2.1"
},
{
"status": "affected",
"version": "17.2.1a"
},
{
"status": "affected",
"version": "17.3.1"
},
{
"status": "affected",
"version": "17.3.2"
},
{
"status": "affected",
"version": "17.3.3"
},
{
"status": "affected",
"version": "17.3.2a"
},
{
"status": "affected",
"version": "17.3.4"
},
{
"status": "affected",
"version": "17.3.5"
},
{
"status": "affected",
"version": "17.3.6"
},
{
"status": "affected",
"version": "17.3.4b"
},
{
"status": "affected",
"version": "17.3.7"
},
{
"status": "affected",
"version": "17.3.8"
},
{
"status": "affected",
"version": "17.3.8a"
},
{
"status": "affected",
"version": "17.4.1"
},
{
"status": "affected",
"version": "17.5.1"
},
{
"status": "affected",
"version": "17.6.1"
},
{
"status": "affected",
"version": "17.6.2"
},
{
"status": "affected",
"version": "17.6.3"
},
{
"status": "affected",
"version": "17.6.1y"
},
{
"status": "affected",
"version": "17.6.4"
},
{
"status": "affected",
"version": "17.6.5"
},
{
"status": "affected",
"version": "17.6.6"
},
{
"status": "affected",
"version": "17.6.6a"
},
{
"status": "affected",
"version": "17.6.5a"
},
{
"status": "affected",
"version": "17.6.7"
},
{
"status": "affected",
"version": "17.6.8"
},
{
"status": "affected",
"version": "17.7.1"
},
{
"status": "affected",
"version": "17.10.1"
},
{
"status": "affected",
"version": "17.10.1b"
},
{
"status": "affected",
"version": "17.8.1"
},
{
"status": "affected",
"version": "17.9.1"
},
{
"status": "affected",
"version": "17.9.2"
},
{
"status": "affected",
"version": "17.9.3"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.9.5"
},
{
"status": "affected",
"version": "17.9.4a"
},
{
"status": "affected",
"version": "17.9.6"
},
{
"status": "affected",
"version": "17.9.6a"
},
{
"status": "affected",
"version": "17.11.1"
},
{
"status": "affected",
"version": "17.12.1"
},
{
"status": "affected",
"version": "17.12.2"
},
{
"status": "affected",
"version": "17.12.3"
},
{
"status": "affected",
"version": "17.12.4"
},
{
"status": "affected",
"version": "17.12.1z3"
},
{
"status": "affected",
"version": "17.13.1"
},
{
"status": "affected",
"version": "17.14.1"
},
{
"status": "affected",
"version": "17.11.99SW"
},
{
"status": "affected",
"version": "17.15.1"
},
{
"status": "affected",
"version": "17.15.2"
},
{
"status": "affected",
"version": "17.15.2a"
},
{
"status": "affected",
"version": "17.15.2b"
},
{
"status": "affected",
"version": "17.16.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the handling of certain Ethernet frames in Cisco IOS XE Software for Catalyst 9000 Series Switches could allow an unauthenticated, adjacent attacker to cause an egress port to become blocked and drop all outbound traffic.\r\n\r This vulnerability is due to improper handling of crafted Ethernet frames. An attacker could exploit this vulnerability by sending crafted Ethernet frames through an affected switch. A successful exploit could allow the attacker to cause the egress port to which the crafted frame is forwarded to start dropping all frames, resulting in a denial of service (DoS) condition."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-19",
"description": "Data Handling",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-30T14:28:26.310Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cat9k-PtmD7bgy",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cat9k-PtmD7bgy"
}
],
"source": {
"advisory": "cisco-sa-cat9k-PtmD7bgy",
"defects": [
"CSCwn45401"
],
"discovery": "INTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20311",
"datePublished": "2025-09-24T17:12:06.928Z",
"dateReserved": "2024-10-10T19:15:13.253Z",
"dateUpdated": "2025-09-30T14:28:26.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20316 (GCVE-0-2025-20316)
Vulnerability from cvelistv5 – Published: 2025-09-24 17:16 – Updated: 2025-09-24 17:28
VLAI?
EPSS
Summary
A vulnerability in the access control list (ACL) programming of Cisco IOS XE Software for Cisco Catalyst 9500X and 9600X Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL on an affected device.
This vulnerability is due to the flooding of traffic from an unlearned MAC address on a switch virtual interface (SVI) that has an egress ACL applied. An attacker could exploit this vulnerability by causing the VLAN to flush its MAC address table. This condition can also occur if the MAC address table is full. A successful exploit could allow the attacker to bypass an egress ACL on an affected device.
Severity ?
5.3 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Cisco | Cisco IOS XE Software |
Affected:
17.7.1
Affected: 17.10.1 Affected: 17.10.1b Affected: 17.8.1 Affected: 17.9.1 Affected: 17.9.2 Affected: 17.9.3 Affected: 17.9.4 Affected: 17.9.5 Affected: 17.9.4a Affected: 17.9.6 Affected: 17.9.6a Affected: 17.9.7 Affected: 17.11.1 Affected: 17.12.1 Affected: 17.12.2 Affected: 17.12.3 Affected: 17.12.4 Affected: 17.12.5 Affected: 17.13.1 Affected: 17.14.1 Affected: 17.15.1 Affected: 17.15.2 Affected: 17.15.3 Affected: 17.15.2b Affected: 17.16.1 Affected: 17.17.1 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20316",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-24T17:28:32.049852Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T17:28:43.201Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Cisco IOS XE Software",
"vendor": "Cisco",
"versions": [
{
"status": "affected",
"version": "17.7.1"
},
{
"status": "affected",
"version": "17.10.1"
},
{
"status": "affected",
"version": "17.10.1b"
},
{
"status": "affected",
"version": "17.8.1"
},
{
"status": "affected",
"version": "17.9.1"
},
{
"status": "affected",
"version": "17.9.2"
},
{
"status": "affected",
"version": "17.9.3"
},
{
"status": "affected",
"version": "17.9.4"
},
{
"status": "affected",
"version": "17.9.5"
},
{
"status": "affected",
"version": "17.9.4a"
},
{
"status": "affected",
"version": "17.9.6"
},
{
"status": "affected",
"version": "17.9.6a"
},
{
"status": "affected",
"version": "17.9.7"
},
{
"status": "affected",
"version": "17.11.1"
},
{
"status": "affected",
"version": "17.12.1"
},
{
"status": "affected",
"version": "17.12.2"
},
{
"status": "affected",
"version": "17.12.3"
},
{
"status": "affected",
"version": "17.12.4"
},
{
"status": "affected",
"version": "17.12.5"
},
{
"status": "affected",
"version": "17.13.1"
},
{
"status": "affected",
"version": "17.14.1"
},
{
"status": "affected",
"version": "17.15.1"
},
{
"status": "affected",
"version": "17.15.2"
},
{
"status": "affected",
"version": "17.15.3"
},
{
"status": "affected",
"version": "17.15.2b"
},
{
"status": "affected",
"version": "17.16.1"
},
{
"status": "affected",
"version": "17.17.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability in the access control list (ACL) programming of Cisco IOS XE Software for Cisco Catalyst 9500X and 9600X Series Switches could allow an unauthenticated, remote attacker to bypass a configured ACL on an affected device.\r\n\r This vulnerability is due to the flooding of traffic from an unlearned MAC address on a switch virtual interface (SVI) that has an egress ACL applied. An attacker could exploit this vulnerability by causing the VLAN to flush its MAC address table. This condition can also occur if the MAC address table is full. A successful exploit could allow the attacker to bypass an egress ACL on an affected device."
}
],
"exploits": [
{
"lang": "en",
"value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "cvssV3_1"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "Improper Access Control",
"lang": "en",
"type": "cwe"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-24T17:16:45.155Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-sa-cat9k-acl-L4K7VXgD",
"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cat9k-acl-L4K7VXgD"
}
],
"source": {
"advisory": "cisco-sa-cat9k-acl-L4K7VXgD",
"defects": [
"CSCwo11541"
],
"discovery": "EXTERNAL"
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2025-20316",
"datePublished": "2025-09-24T17:16:45.155Z",
"dateReserved": "2024-10-10T19:15:13.253Z",
"dateUpdated": "2025-09-24T17:28:43.201Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…