CVE-2025-20181

CWE-347 | 4 documents | 4 sources
Severity: 6.8 MEDIUM
EPSS: 0.1% (top 71.36%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline: Published May 7

Description

A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacker with privilege level 15 or an unauthenticated attacker with physical access to the device to execute persistent code at boot time and break the chain of trust. This vulnerability is due to missing signature verification for specific files that may be loaded during the device boot process. An attacker could exploit this vulnerability by placing a

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 0.9 | Impact: 5.9

Affected Packages (2 packages)

CVEListV5: cisco/ios, 106 versions
NVD: cisco/ios, 106 versions

🔴 Vulnerability Details (2)

GHSA
GHSA-95h6-vgwg-qcqc (2025-05-07): A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacke
CVEList
CVE-2025-20181 (2025-05-07): A vulnerability in Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches could allow an authenticated, local attacke

📋 Vendor Advisories (1)

Cisco
Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches Secure Boot Bypass Vulnerability (2025-05-07)