- Description
- A vulnerability in the confederation implementation for the Border Gateway Protocol (BGP) in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to a memory corruption that occurs when a BGP update is created with an AS_CONFED_SEQUENCE attribute that has 255 autonomous system numbers (AS numbers). An attacker could exploit this vulnerability by sending a crafted BGP update message, or the network could be designed in such a manner that the AS_CONFED_SEQUENCE attribute grows to 255 AS numbers or more. A successful exploit could allow the attacker to cause memory corruption, which may cause the BGP process to restart, resulting in a DoS condition. To exploit this vulnerability, an attacker must control a BGP confederation speaker within the same autonomous system as the victim, or the network must be designed in such a manner that the AS_CONFED_SEQUENCE attribute grows to 255 AS numbers or more.
- Source
- psirt@cisco.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Primary
- Base score
- 8.6
- Impact score
- 4
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
- Severity
- HIGH
- psirt@cisco.com
- CWE-120
- Hype score
- Not currently trending
🚨 SECURITY ALERT: CVE-2025-20115 - Denial of Service Vulnerability in Cisco IOS XR Software 🚨 📌 Urgency Level: High 📊 CVSS Score: 8.6 https://t.co/qy8NFKeyUN
@BanCERT_gt
26 Mar 2025
🚨 Critical vulnerability in Cisco IOS XR 🚨 A newly discovered DoS vulnerability (CVE-2025-20115) in Cisco IOS XR allows attackers to crash the BGP. https://t.co/mU8OfuH3ud #CyberSecurity #Cisco #Networking #BGP #SecurityPatch #InfoSec https://t.co/E4cLeDhJNV
@protecticore
23 Mar 2025
Cisco warns of a high-severity vulnerability (CVE-2025-20115) in IOS XR routers that lets attackers crash the BGP process with a single crafted update, causing a denial of service. Affected users should update or limit AS_CONFED_SEQUENCE to 254 AS numbers. #CyberSecurity
@deadlockfinger
22 Mar 2025
Cisco patched a denial of service (DoS) vulnerability that lets attackers crash the Border Gateway Protocol (BGP) process on IOS XR routers with a single BGP update message. This high-severity flaw (tracked as CVE-2025-20115) affects Cisco IOS XR devices https://t.co/CvUgn6rlJe h
@riskigy
17 Mar 2025
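[Link roundup: security news and articles for March 14 to 17] <Vulnerabilities> ・A vulnerability in Cisco IOS XR makes it possible to crash BGP on routers (CVE-2025-20115) https://t.co/vXVVKeKZSj ・CVE-2025-26701 (CVSS 10): Users of Percona's PMM OVA are exposed to the risk of unauthorized access… https://t.co/4e7jQlMYJa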
@MachinaRecord
17 Mar 2025
The new vulnerability CVE-2025-20115 in Cisco IOS XR routers allows attackers to take down the BGP protocol #Cyber_Security_News #اخبار_امنیت_سایبری #Cisco #CVE_2025_20115 #سیسکو #BGP https://t.co/06IiE9FT2H
@vulnerbyte
16 Mar 2025
A vulnerability in Cisco IOS XR may allow attackers to crash BGP on routers. (CVE-2025-20115) https://t.co/63cULnvEUq #Security #セキュリティ
@SecureShield_
16 Mar 2025
A vulnerability with the identifier CVE-2025-20115 has been published for Cisco's Cisco IOS XR Software product. This vulnerability relates to BGP, and hackers can carry out a DOS attack. To prevent and counter this threat, apply the necessary update. https://t.co/Poz3aKYxT1 h
@AmirHossein_sec
15 Mar 2025
🚨 Cisco warns of a critical IOS XR vulnerability (CVE-2025-20115) that could cause a DoS attack via BGP flaws. Patch your systems now! 🔒 Read More: https://t.co/phMtgufQWW #CiscoSecurity #CyberThreats #cybersecurity #cisco #ios #cve202520115 #Canada #CanadaCyberAwareness htt
@FindSecCyber
15 Mar 2025
Critical BGP Vulnerability in Cisco IOS XR Software: CVE-2025-20115 Exposes Networks to DoS Risks https://t.co/kDCymdGN0X https://t.co/34f7iu0xua
@threatsbank
15 Mar 2025
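The Cisco IOS XR Software vulnerability CVE-2025-20115 can cause DDoS. As a temporary workaround, Cisco recommends a policy that limits the AS numbers in the BGP AS_CONFED_SEQUENCE attribute to 254 or fewer. An update that fixes the vulnerability has already been released. https://t.co/i1drpYt83y https://t.co/4pjfi2Eydz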
@t_nihonmatsu
15 Mar 2025
Cisco patched a high-severity denial of service vulnerability (CVE-2025-20115) affecting IOS XR routers, allowing attackers to crash the BGP process via a crafted update message, exploiting memory corruption in the confederation implementation. #Security #Cisco https://t.co/hup1t
@Strivehawk
14 Mar 2025
Cisco has fixed a critical DoS vulnerability (CVE-2025-20115) in IOS XR that lets attackers crash BGP on routers via a single update message. Affected devices include ASR 9000 & NCS 5500. ⚠️ #Cisco #BGP #USA link: https://t.co/pzSxhzSQUp https://t.co/Qc9tgYbVoV
@TweetThreatNews
14 Mar 2025
🚨 Cisco warns of CVE-2025-20115, a DoS vulnerability in IOS XR affecting BGP confederation. Exploiting this can lead to memory corruption via crafted BGP updates. Updates available. #Cisco #NetworkSecurity #USA link: https://t.co/zgnDFysF4k https://t.co/zVVmZgHGVm
@TweetThreatNews
14 Mar 2025
A new vulnerability with increased severity was disclosed for Cisco IOS XR (CVE-2025-20115) https://t.co/CddDfb0HNV
@vuldb
12 Mar 2025
CVE-2025-20115 A vulnerability in confederation implementation for the Border Gateway Protocol (BGP) in Cisco IOS XR Software could allow an unauthenticated, remote attacker to… https://t.co/5xBrvWHiYG
@CVEnew
12 Mar 2025
CVE-2025-20115 - Cisco IOS XR Software - HIGH 🚨 🗓️ Date published 2025-03-12 16:15:21 UTC #CiscoIOSXRSoftware #CyberSecurity #InfoSec #Vulnerability #TechNews https://t.co/ddIpUhvl6V
@vulns_space
12 Mar 2025