CVE-2025-20248 — Vulnetix

CVE-2025-20248 PUBLISHED

De multiples vulnérabilités ont été découvertes dans Cisco IOS XR. Elles permettent à un attaquant de provoquer un déni de service à distance et un contournement de la politique de sécurité.

EPSS 0.01% · 2.4th percentile

Risk Scores

EPSS Score

0.01%

2.4th percentile

Affected Products

Vendor	Product	Versions
Cisco	IOS XR

Exploit Intelligence

CIRCL seen: CVE-2025-20248 (circl-sighting)
CIRCL seen: CVE-2025-20248 (circl-sighting)
CIRCL seen: CVE-2025-20248 (circl-sighting)
CIRCL seen: CVE-2025-20248 (circl-sighting)
CIRCL seen: CVE-2025-20248 (circl-sighting)
cisco-sa-xrsig-UY4zRUCG (circl)

Timeline

Oct 10, 2024 CVE ID Reserved
Sep 10, 2025 Coalition ESS Score
Sep 10, 2025 CVE Published
Sep 10, 2025 PoC Published
Sep 11, 2025 EPSS Score
Sep 11, 2025 Coalition ESS Score
Sep 11, 2025 PoC Published
Sep 11, 2025 PoC Published
Sep 15, 2025 PoC Published
Sep 15, 2025 PoC Published
Sep 18, 2025 EPSS Score
Sep 26, 2025 EPSS Score

References

https://cert.ssi.gouv.fr/avis/CERTFR-2025-AVI-0781/ advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrsig-UY4zRUCG advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-arp-storm-EjUU55yM advisory

Open in Interactive Console →