
Cisco Patches High-Severity IOS XR Vulnerabilities

Cisco on Wednesday released patches for three vulnerabilities in IOS XR software, as part of its September 2025 bundled security advisory publication.

Tracked as CVE-2025-20248 (CVSS score of 6), the first of the bugs is a high-severity issue in the IOS XR installation process that could allow attackers to bypass image signature verification.

Successful exploitation of the flaw, Cisco explains, could lead to unsigned files being added to an ISO image, which could then be installed and activated on a device.

Because of the potential bypass of the image verification process, Cisco has raised the Security Impact Rating of the advisory from medium to high.
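The failure mode described above, a signed image that still accepts files the signature never covered, is illustrated by the added example below. It is not Cisco's code and says nothing about how the IOS XR installer actually works: the "image" is a dict of file contents, the manifest of digests is signed with an HMAC key as a stand-in for a real asymmetric signature, and the weak verifier beside the strict one shows why checking only the listed files is not enough.

```python
import hashlib
import hmac
import json

# Constructed stand-in for a signing key (assumption). A real image signature
# would use an asymmetric key; HMAC keeps the example self-contained.
SIGNING_KEY = b"example-key-not-real"

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def build_signed_image(files: dict) -> dict:
    """Constructed 'image': file contents plus a signed manifest of digests."""
    manifest = json.dumps({n: sha256_hex(c) for n, c in sorted(files.items())}).encode()
    sig = hmac.new(SIGNING_KEY, manifest, hashlib.sha256).hexdigest()
    return {"files": dict(files), "manifest": manifest, "signature": sig}

def manifest_is_authentic(image: dict) -> bool:
    expected = hmac.new(SIGNING_KEY, image["manifest"], hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, image["signature"])

def verify_listed_only(image: dict) -> bool:
    """Weak check: every listed file must match, but unlisted files are ignored."""
    if not manifest_is_authentic(image):
        return False
    listed = json.loads(image["manifest"])
    return all(name in image["files"] and sha256_hex(image["files"][name]) == digest
               for name, digest in listed.items())

def verify_strict(image: dict) -> bool:
    """Hardened check: also reject any file the signed manifest does not cover."""
    if not verify_listed_only(image):
        return False
    listed = json.loads(image["manifest"])
    return set(image["files"]) == set(listed)

def with_extra_file(image: dict, name: str, content: bytes) -> dict:
    """Simulate the reported condition: a file present that the signature never covered."""
    tampered = {"files": dict(image["files"]), "manifest": image["manifest"],
                "signature": image["signature"]}
    tampered["files"][name] = content
    return tampered

# Constructed sample contents; names are placeholders, not real IOS XR paths.
GENUINE = build_signed_image({"boot/kernel": b"kernel-bytes", "pkg/base.rpm": b"base-bytes"})
TAMPERED = with_extra_file(GENUINE, "pkg/extra.rpm", b"unsigned-bytes")

if __name__ == "__main__":
    print("genuine, strict:", verify_strict(GENUINE))              # True
    print("tampered, listed-only:", verify_listed_only(TAMPERED))  # True: the gap
    print("tampered, strict:", verify_strict(TAMPERED))            # False
```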

The second IOS XR issue resolved this week is CVE-2025-20340 (CVSS score of 7.4), a bug in the software's Address Resolution Protocol (ARP) implementation that could be exploited by adjacent, unauthenticated attackers to cause a denial-of-service (DoS) condition.

“This vulnerability is due to how Cisco IOS XR Software processes a high, sustained rate of ARP traffic hitting the management interface. Under certain circumstances, an attacker could exploit this vulnerability by sending an excessive amount of traffic to the management interface of an affected device, overwhelming its ARP processing capabilities,” Cisco explains.


The third security defect is a medium-severity issue in IOS XR's ACL processing feature that could allow unauthenticated, remote attackers to send traffic to a vulnerable device and bypass configured ACLs for the SSH, NetConf, and gRPC features.

Tracked as CVE-2025-20159 (CVSS score of 5.3), the flaw exists because the IOS XR packet I/O infrastructure platforms for SSH, NetConf, and gRPC have not supported management interface ACLs.

Cisco says it is not aware of any of these vulnerabilities being exploited in the wild. Users are advised to apply the available patches as soon as possible, as hackers are known to have exploited Cisco bugs.
