Cisco IOS XR up to 24.4.1 Ingress Interface access control

Summaryinfo

A vulnerability was found in Cisco IOS XR. It has been rated as critical. Impacted is an unknown function of the component Ingress Interface. The manipulation leads to access control. This vulnerability is traded as CVE-2025-20145. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.

Detailsinfo

A vulnerability was found in Cisco IOS XR and classified as critical. This issue affects an unknown function of the component Ingress Interface. The manipulation with an unknown input leads to a access control vulnerability. Using CWE to declare the problem leads to CWE-264. Impacted is confidentiality, integrity, and availability. The summary by CVE is:

A vulnerability in the access control list (ACL) processing in the egress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability exists because certain packets are handled incorrectly when they are received on an ingress interface on one line card and destined out of an egress interface on another line card where the egress ACL is configured. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an egress ACL on the affected device. For more information about this vulnerability, see the section of this advisory. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

It is possible to read the advisory at sec.cloudapps.cisco.com. The identification of this vulnerability is CVE-2025-20145 since 10/10/2024. The exploitation is known to be easy. The attack may be initiated remotely. No form of authentication is needed for a successful exploitation. The technical details are unknown and an exploit is not publicly available. The pricing for an exploit might be around USD $5k-$25k at the moment (estimation calculated on 08/01/2025). The attack technique deployed by this issue is T1068 according to MITRE ATT&CK.

Upgrading eliminates this vulnerability.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Type

• Router Operating System

Vendor

• Cisco

Name

• IOS XR

Version

• 6.5.1
• 6.5.2
• 6.5.3
• 6.5.92
• 6.5.93
• 6.6.1
• 6.6.2
• 6.6.3
• 6.6.4
• 6.6.25
• 7.0.1
• 7.0.2
• 7.0.11
• 7.0.12
• 7.0.14
• 7.0.90
• 7.1.1
• 7.1.2
• 7.2.1
• 7.2.2
• 7.2.12
• 7.3.1
• 7.3.2
• 7.3.3
• 7.3.4
• 7.3.5
• 7.3.6
• 7.3.15
• 7.3.16
• 7.4.1
• 7.4.2
• 7.5.1
• 7.5.2
• 7.5.3
• 7.5.4
• 7.5.5
• 7.5.12
• 7.6.1
• 7.6.2
• 7.7.1
• 7.7.2
• 7.7.21
• 7.8.1
• 7.8.2
• 7.8.22
• 7.9.1
• 7.9.2
• 7.10.1
• 7.10.2
• 7.11.1
• 7.11.2
• 7.11.21
• 24.1.1
• 24.1.2
• 24.2.1
• 24.2.2
• 24.2.11
• 24.2.20
• 24.3.1
• 24.3.2
• 24.4.1

License

• commercial

Website

• Vendor: https://www.cisco.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Discussion