#VU115158 Improper access control in Cisco Systems, Inc products - CVE-2025-20159
Published: September 11, 2025
Vulnerability identifier: #VU115158
Vulnerability risk: Medium
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2025-20159
CWE-ID: CWE-284
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
Cisco IOS XR
Cisco 8000 Series Routers
Cisco ASR 9000 Series Aggregation Services Routers
IOS XRd vRouter
Cisco IOS XRv 9000 Router
NCS 5700 Series Routers
IOS XR White box
NCS540
NCS560
NCS 1010
NCS 1014
NCS5500
Cisco IOS XR
Cisco 8000 Series Routers
Cisco ASR 9000 Series Aggregation Services Routers
IOS XRd vRouter
Cisco IOS XRv 9000 Router
NCS 5700 Series Routers
IOS XR White box
NCS540
NCS560
NCS 1010
NCS 1014
NCS5500
Software vendor:
Cisco Systems, Inc
Cisco Systems, Inc
Description
The vulnerability allows a remote attacker to gain unauthorized access to otherwise restricted functionality.
The vulnerability exists due to improper access restrictions in the management interface access control list (ACL) processing feature. A remote attacker can bypass an ingress ACL that is applied on the management interface of the target device.
Remediation
Install updates from vendor's website.