Cisco on Wednesday published its semiannual IOS XR software security advisory bundle, which includes three advisories detailing four high-severity vulnerabilities.
The most severe of these issues are CVE-2026-20040 and CVE-2026-20046 (CVSS score of 8.8), two bugs that could be exploited to execute arbitrary commands as root or gain administrative control of a device.
CVE-2026-20040 exists because user arguments passed to specific CLI commands are not sufficiently validated, allowing a low-privileged attacker to supply crafted commands at the prompt.
“A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands on the underlying operating system,” Cisco explains in its advisory.
CVE-2026-20046 impacts the task group assignment for a specific CLI command and exists because the command is incorrectly mapped to task groups within the source code.
This allows an unprivileged attacker to bypass the task group-based authorization checks via CLI commands, elevate their privileges to administrator, and perform actions that would otherwise require authorization.
On Wednesday, Cisco also announced patches for CVE-2026-20074 (CVSS score of 7.4), a bug in the Intermediate System-to-Intermediate System (IS-IS) multi-instance routing feature of IOS XR that could be exploited to restart the IS-IS process.
Insufficient input validation of ingress IS-IS packets could allow an unauthenticated, adjacent attacker to send crafted packets to a vulnerable device and cause the IS-IS process to restart, resulting in a denial-of-service (DoS) condition.
The fourth high-severity bug addressed in IOS XR this month is CVE-2026-20118 (CVSS score of 6.8), which impacts the handling of an Egress Packet Network Interface (EPNI) Aligner interrupt.
Packets can be corrupted when an EPNI Aligner interrupt is triggered during heavy transit traffic; an attacker who sends a continuous flow of crafted packets to a vulnerable device could trigger this condition and cause persistent, heavy packet loss, resulting in a DoS condition.
Fixes are available for all these vulnerabilities, and Cisco notes that it is not aware of any of them being exploited in the wild.
On Wednesday, the tech giant also patched two medium-severity flaws in Packaged CCE, Unified CCE, Unified CCX, and Unified Intelligence Center that could be exploited by remote, unauthenticated attackers to mount XSS attacks.