CVE-2025-20199Improper Input Validation in Cisco IOS XE Software

CWE-20Improper Input ValidationCWE-754Improper Check for Unusual or Exceptional ConditionsCWE-346Origin Validation Error5 documents5 sources
Severity
8.2HIGHNVD
CNA4.6
EPSS
0.1%
top 75.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco IOS XE SoftwareCisco IOS XE
Timeline
PublishedMay 7

Description

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root on the underlying operating system of an affected device. This vulnerability is due to insufficient input validation when processing specific configuration commands. An attacker could exploit this vulnerability by including crafted input in specific configuration commands. A successful exploit could allow the attacker to elevate privileges to root

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:HExploitability: 1.5 | Impact: 6.0

Affected Packages2 packages

CVEListV5cisco/cisco_ios_xe_software406 versions+405
NVDcisco/ios_xe406 versions+405

🔴Vulnerability Details

2
CVEList
CVE-2025-20199: A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root2025-05-07
GHSA
GHSA-gjc9-7q7f-25qw: A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with privilege level 15 to elevate privileges to root2025-05-07

📋Vendor Advisories

2
Cisco
Cisco IOS XE Software Privilege Escalation Vulnerabilities2025-05-07
Microsoft
Rootless containers run with Podman receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) con2021-02-09
CVE-2025-20199 — Improper Input Validation in Cisco | cvebase