Cisco on Wednesday released patches for three vulnerabilities in IOS XR software, as part of its September 2025 security advisory bundled publication.
Tracked as CVE-2025-20248 (CVSS score of 6), the first of the bugs is a high-severity issue in the IOS XR installation process that could allow attackers to bypass image signature verification.
Successful exploitation of the flaw, Cisco explains, could lead to unsigned files being added to an ISO image, which could then be installed and activated on a device.
Because of the potential bypass of the image verification process, Cisco has raised the security impact rating of the advisory from medium to high.
The second IOS XR issue resolved this week is CVE-2025-20340 (CVSS score of 7.4), a bug in the software’s Address Resolution Protocol (ARP) implementation that could be exploited by adjacent, unauthenticated attackers to cause a denial-of-service (DoS) condition.
“This vulnerability is due to how Cisco IOS XR Software processes a high, sustained rate of ARP traffic hitting the management interface. Under certain conditions, an attacker could exploit this vulnerability by sending an excessive amount of traffic to the management interface of an affected device, overwhelming its ARP processing capabilities,” Cisco explains.
The third security defect is a medium-severity issue in IOS XR’s ACL processing feature that could allow unauthenticated, remote attackers to send traffic to a vulnerable device and bypass configured ACLs for the SSH, NetConf, and gRPC features.
Tracked as CVE-2025-20159 (CVSS score of 5.3), the flaw exists because IOS XR packet I/O infrastructure platforms for SSH, NetConf, and gRPC have not supported management interface ACLs.
Cisco says it is not aware of any of these vulnerabilities being exploited in the wild. Users are advised to apply the available patches as soon as possible, as hackers are known to have exploited Cisco bugs.
Related: Fortinet, Ivanti, Nvidia Release Security Updates
Related: Apple Unveils iPhone Memory Protections to Combat Sophisticated Attacks
Related: ICS Patch Tuesday: Rockwell Automation Leads With 8 Security Advisories
