Cisco IOS XR Software CLI Privilege Escalation Vulnerability

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as <em>root</em> on the underlying operating system of an affected device.<br><br> This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to <em>root </em>and execute arbitrary commands.<br><br> Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.<br><br> This advisory is available at the following link:<br><a href="https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-esc-GFQjxvOF">https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-esc-GFQjxvOF</a><br><br> This advisory is part of the March 2025 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see <a href="https://sec.cloudapps.cisco.com/security/center/viewErp.x?alertId=ERP-75548">Cisco Event Response: March 2025 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication</a>.<br><br> <br/>Security Impact Rating: High <br/>CVE: CVE-2025-20138