VDB
CVE-2025-20159
CVE-2025-20159
PUBLISHED
CVSS 5.300000190734863 MEDIUM
A vulnerability in the management interface access control list (ACL) processing feature in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass configured ACLs for the SSH, NetConf, and gRPC features. This vulnerability exists because management interface ACLs have not been supported on Cisco IOS XR Software Packet I/O infrastructure platforms for Linux-handled features such as SSH, NetConf, or gRPC. An attacker could exploit this vulnerability by attempting to send traffic to an affected device. A successful exploit could allow the attacker to bypass an ingress ACL that is applied on the management interface of the affected device.
EPSS 0.04% · 13.9th percentile
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS Score
0.04%
13.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Cisco IOS XR Software | 6.6.1, 7.0.1, 6.5.2 |
Exploit Intelligence
- CIRCL seen: CVE-2025-20159 (circl-sighting)
- CIRCL seen: CVE-2025-20159 (circl-sighting)
- cisco-sa-acl-packetio-Swjhhbtz (circl)
Timeline
- Oct 10, 2024 CVE ID Reserved
- Sep 10, 2025 Coalition ESS Score
- Sep 10, 2025 CVE Published
- Sep 10, 2025 CVE Updated
- Sep 11, 2025 EPSS Score
- Sep 11, 2025 Coalition ESS Score
- Sep 11, 2025 PoC Published
- Sep 12, 2025 PoC Published
- Sep 18, 2025 EPSS Score
- Sep 26, 2025 EPSS Score
- Oct 3, 2025 EPSS Score
- Oct 3, 2025 Coalition ESS Score