Cisco IOS XR vulnerabilities

CVE-2022-20714 Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability CVE-2022-20714: Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed-Plus Line Cards Denial of Service Vulnerability A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers , ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated,

CVE-2018-0132 Cisco IOS XR Software Routing and Forwarding Inconsistency Denial of Service Vulnerability CVE-2018-0132: Cisco IOS XR Software Routing and Forwarding Inconsistency Denial of Service Vulnerability A vulnerability in the forwarding information base (FIB) code of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause inconsistency between the routing information base (RIB) and the FIB, resulting in a denial of service (DoS) condition. The vulnerability is due

CVE-2024-20315 Cisco IOS XR Software MPLS and Pseudowire Interfaces Access Control List Bypass Vulnerabilities CVE-2024-20315: Cisco IOS XR Software MPLS and Pseudowire Interfaces Access Control List Bypass Vulnerabilities Multiple vulnerabilities in the IP access control list (ACL) processing in the ingress direction on MPLS and Pseudowire (PW) interfaces of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. For more information about these vulnera

CVE-2022-20821 Cisco IOS XR Software Health Check Open Port Vulnerability CVE-2022-20821: Cisco IOS XR Software Health Check Open Port Vulnerability A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. This vulnerability exists because the health check RPM opens TCP port 6379 by default upon activation. An attacker could exploit this vulnerability by connecting to t

CVE-2017-12270 Cisco IOS XR Software Denial of Service Vulnerability CVE-2017-12270: Cisco IOS XR Software Denial of Service Vulnerability A vulnerability in the gRPC code of Cisco IOS XR Software for Cisco Network Convergence System (NCS) 5500 Series Routers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition when the emsd service stops. The vulnerability is due to the software's inability to process HTTP/2 packets. An attacker could exploit this vulnera

CVE-2025-20248 Cisco IOS XR Software Image Verification Bypass Vulnerability CVE-2025-20248: Cisco IOS XR Software Image Verification Bypass Vulnerability A vulnerability in the installation process of Cisco IOS XR Software could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device. To exploit this vulnerability, the attacker must have root-system privileges on the affected device. This vulnerability

CVE-2026-20074 Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability CVE-2026-20074: Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) multi-instance routing feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the IS-IS process to restart unexpectedly. This vulnerab