CVE-2025-20119

Published Feb 26, 2025

Last updated a month ago

CVSS medium 6.0

Overview

Description
A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which could cause a DoS condition. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to a race condition with handling system files. An attacker could exploit this vulnerability by doing specific operations on the file system. A successful exploit could allow the attacker to overwrite system files, which could lead to the device being in an inconsistent state and cause a DoS condition.
Source
psirt@cisco.com
NVD status
Received

Risk scores

CVSS 3.1

Type
Secondary
Base score
6
Impact score
5.2
Exploitability score
0.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Severity
MEDIUM

Weaknesses

psirt@cisco.com
CWE-362

Social media

Hype score
Not currently trending

  1. CVE-2025-20119 A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which could caus… https://t.co/ax2eqzzpRh

    @CVEnew

    26 Feb 2025

    42 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References