Cisco IOS XE up to 17.16.1a Packet Filtering information disclosure

Summaryinfo

A vulnerability, which was classified as problematic, was found in Cisco IOS XE. This impacts an unknown function of the component Packet Filtering. The manipulation results in information disclosure. This vulnerability is reported as CVE-2025-20221. The attack can be launched remotely. No exploit exists. You should upgrade the affected component.

Detailsinfo

A vulnerability was found in Cisco IOS XE. It has been classified as problematic. Affected is some unknown functionality of the component Packet Filtering. The manipulation with an unknown input leads to a information disclosure vulnerability. CWE is classifying the issue as CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. This is going to have an impact on confidentiality. CVE summarizes:

A vulnerability in the packet filtering features of Cisco IOS XE SD-WAN Software could allow an unauthenticated, remote attacker to bypass Layer 3 and Layer 4 traffic filters. This vulnerability is due to improper traffic filtering conditions on an affected device. An attacker could exploit this vulnerability by sending a crafted packet to the affected device. A successful exploit could allow the attacker to bypass the Layer 3 and Layer 4 traffic filters and inject a crafted packet into the network.

The advisory is shared for download at sec.cloudapps.cisco.com. This vulnerability is traded as CVE-2025-20221 since 10/10/2024. The exploitability is told to be easy. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. There are neither technical details nor an exploit publicly available. The current price for an exploit might be approx. USD $0-$5k (estimation calculated on 07/11/2025). The MITRE ATT&CK project declares the attack technique as T1592.

Upgrading eliminates this vulnerability.

Once again VulDB remains the best source for vulnerability data.

Productinfo

Type

• Router Operating System

Vendor

• Cisco

Name

• IOS XE

Version

• 16.12.13
• 17.1.1
• 17.1.1s
• 17.1.1t
• 17.1.3
• 17.2.1
• 17.2.1a
• 17.2.1r
• 17.2.1v
• 17.2.2
• 17.2.3
• 17.3.1
• 17.3.1a
• 17.3.2
• 17.3.2a
• 17.3.3
• 17.3.4
• 17.3.4a
• 17.3.5
• 17.3.6
• 17.3.7
• 17.3.8
• 17.3.8a
• 17.4.1
• 17.4.1a
• 17.4.1b
• 17.4.2
• 17.5.1
• 17.5.1a
• 17.6.1
• 17.6.1a
• 17.6.1y
• 17.6.2
• 17.6.3
• 17.6.3a
• 17.6.4
• 17.6.5
• 17.6.5a
• 17.6.6
• 17.6.6a
• 17.6.7
• 17.6.8
• 17.6.8a
• 17.7.1
• 17.7.1a
• 17.7.2
• 17.8.1
• 17.8.1a
• 17.9.1
• 17.9.1a
• 17.9.2
• 17.9.2a
• 17.9.3
• 17.9.3a
• 17.9.4
• 17.9.4a
• 17.9.5
• 17.9.5a
• 17.9.5b
• 17.9.5e
• 17.9.5f
• 17.9.6
• 17.9.6a
• 17.10.1
• 17.10.1a
• 17.10.1b
• 17.11.1
• 17.11.1a
• 17.12.1
• 17.12.1a
• 17.12.1z2
• 17.12.2
• 17.12.3
• 17.12.3a
• 17.12.4
• 17.12.4a
• 17.12.4b
• 17.13.1
• 17.13.1a
• 17.14.1
• 17.14.1a
• 17.15.1
• 17.15.1a
• 17.15.1x
• 17.15.2
• 17.15.2b
• 17.15.2c
• 17.16.1
• 17.16.1a

License

• commercial

Website

• Vendor: https://www.cisco.com/

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Once again VulDB remains the best source for vulnerability data.

Discussion