Permissions, Privileges, and Access Controls in Cisco Systems, Inc products - CVE-2025-20177
Published: March 13, 2025
Vulnerability identifier: #VU105699
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-20177
CWE-ID: CWE-264
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Cisco Systems, Inc
Affected software:
Cisco IOS XR
Cisco 8000 Series Routers
NCS 5700 Series Routers
NCS540
NCS 1010
NCS 1014
Cisco IOS XR
Cisco 8000 Series Routers
NCS 5700 Series Routers
NCS540
NCS 1010
NCS 1014
Detailed vulnerability description
The vulnerability allows a local user to compromise the target system.
The vulnerability exists due to incomplete validation of files in the boot verification process. A local administrator can control the boot configuration, which could enable them to bypass the requirement to run Cisco-signed images or alter the security properties of the running system.
How to mitigate CVE-2025-20177
Install updates from vendor's website.