VDB
CVE-2026-20118
CVE-2026-20118
PUBLISHED
CVSS 6.800000190734863 MEDIUM
De multiples vulnérabilités ont été découvertes dans Cisco IOS XR. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges et un déni de service à distance. L'éditeur fournit des recommandations dans l'attente de la publication de nouvelles versions applicatives.
EPSS 0.10% · 26.9th percentile
Risk Scores
CVSS 3.1
6.800000190734863
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:H
EPSS Score
0.10%
26.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | N/A | |
| Cisco | Cisco IOS XR Software | 7.9.1, 7.9.2, 7.11.1 |
Exploit Intelligence
- cisco-sa-iosxr-privesc-bF8D5U4W (circl)
- CIRCL seen: CVE-2026-20118 (circl-sighting)
- CIRCL seen: CVE-2026-20118 (circl-sighting)
- CIRCL seen: CVE-2026-20118 (circl-sighting)
- cisco-sa-xrncs-epni-int-dos-TWMffUsN (circl)
- CIRCL seen: CVE-2026-20040 (circl-sighting)
- CIRCL seen: CVE-2026-20040 (circl-sighting)
- CIRCL seen: CVE-2026-20040 (circl-sighting)
- CIRCL seen: CVE-2026-20040 (circl-sighting)
- CIRCL seen: CVE-2026-20040 (circl-sighting)
…and 1 more exploits
Timeline
- Mar 11, 2026 CVE Published
- Mar 11, 2026 PoC Published
- Mar 11, 2026 PoC Published
- Mar 11, 2026 CVE Updated
- Mar 11, 2026 PoC Published
- Mar 12, 2026 EPSS Score
- Mar 12, 2026 PoC Published
- Mar 12, 2026 PoC Published
- Mar 12, 2026 PoC Published
- Mar 12, 2026 PoC Published
- Mar 12, 2026 PoC Published
- Mar 12, 2026 PoC Published
References
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privesc-bF8D5U4W advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrncs-epni-int-dos-TWMffUsN advisory
- https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-isis-dos-kDMxpSzK advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-20118 advisory