[CIVN-2025-0212] Image Verification Bypass Vulnerability in CISCO
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Image Verification Bypass Vulnerability in CISCO
Indian Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Component Affected
ASR 9000 Series Aggregation Services Routers (64-bit)
IOS XR White box (IOSXRWBD)
IOS XRv 9000 Routers
Network Convergence System (NCS) 540 Series Routers that are running an NCS 540-iosxr base image
NCS 560 Series Routers
NCS 1000 Series (NCS 1001, NCS 1002, and NCS 1004)
NCS 5000 Series Routers
NCS 5500 Series Routers
NCS 5700 Series Line Cards and Routers that are running an NCS 5500 base image
NCS 6000 Series Routers
Overview
A vulnerability has been reported in the installation process of Cisco IOS XR Software that could allow an authenticated, local attacker to bypass Cisco IOS XR Software image signature verification and load unsigned software on an affected device.
Target Audience:
All IT administrators and individuals responsible for maintaining and updating Cisco IOS XR Software.
Risk Assessment:
High risk of data manipulation and service disruption.
Impact Assessment:
Potential impact on confidentiality, integrity, and availability of the system.
Description
This vulnerability exists due to incomplete validation of files during the installation of an .iso file. An attacker could exploit this vulnerability by modifying the contents of the .iso image and then installing and activating it on the device.
Successful exploitation of this vulnerability could allow the attacker to load an unsigned file as part of the image activation process.
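The weakness described above is a validation gap: if an installer re-checks only some of the files inside an image, a modified or added file can be activated without ever being signature-checked. The following added example (not Cisco's verification code and not the mechanism of the advisory) shows what a complete, manifest-driven integrity check of an unpacked image looks like, using a hypothetical JSON manifest of relative path to SHA-256 and a constructed sample image tree. It flags modified files, missing files and, importantly, files the manifest never listed. In practice the manifest itself must be signed and verified out of band; here it is simply computed from the clean tree.

```python
"""Manifest-based integrity check for an unpacked software image.

Added illustration only: not Cisco's verification code and not the
mechanism described in the advisory. The manifest format (relative
POSIX path -> SHA-256 hex digest) and the sample image tree are
constructed for this example.
"""
import hashlib
import json
import tempfile
from pathlib import Path


def sha256_of(path: Path) -> str:
    """Stream a file through SHA-256 so large image members are not read at once."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(image_dir: Path) -> dict:
    """Hash every regular file under image_dir, keyed by relative POSIX path."""
    return {
        p.relative_to(image_dir).as_posix(): sha256_of(p)
        for p in sorted(image_dir.rglob("*"))
        if p.is_file()
    }


def verify_image(image_dir: Path, manifest: dict) -> dict:
    """Compare an unpacked image against a trusted manifest.

    Returns three sorted lists: 'modified' (present but hash differs),
    'missing' (listed but absent) and 'unlisted' (present but never listed).
    Reporting 'unlisted' is what separates a complete check from one that
    only re-hashes the files the manifest happens to mention.
    """
    present = build_manifest(image_dir)
    return {
        "modified": sorted(p for p in manifest if p in present and present[p] != manifest[p]),
        "missing": sorted(p for p in manifest if p not in present),
        "unlisted": sorted(p for p in present if p not in manifest),
    }


def demo() -> dict:
    """Constructed scenario: verify a clean image, then a tampered copy of it."""
    with tempfile.TemporaryDirectory() as tmp:
        image = Path(tmp) / "image"
        (image / "pkgs").mkdir(parents=True)
        (image / "boot").mkdir()
        # Constructed placeholder members; real images carry signed packages.
        (image / "boot" / "kernel").write_bytes(b"constructed kernel bytes")
        (image / "pkgs" / "base.rpm").write_bytes(b"constructed base package")
        (image / "pkgs" / "mgmt.rpm").write_bytes(b"constructed mgmt package")

        # Stands in for the vendor's signed manifest, trusted out of band.
        manifest = build_manifest(image)
        clean = verify_image(image, manifest)

        # Tamper: alter one listed file and drop in a file the manifest never had.
        (image / "pkgs" / "base.rpm").write_bytes(b"constructed base package, altered")
        (image / "pkgs" / "extra.rpm").write_bytes(b"constructed unlisted package")
        tampered = verify_image(image, manifest)

    return {"clean": clean, "tampered": tampered}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Running the script prints an all-empty report for the clean tree and, for the tampered copy, `pkgs/base.rpm` under `modified` and `pkgs/extra.rpm` under `unlisted`. A check that ignored the `unlisted` category would pass the tampered image, which is the shape of gap the advisory describes.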
Solution
Apply appropriate updates as mentioned in the Cisco Advisory:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrsig-UY4zRUCG
Vendor Information
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrsig-UY4zRUCG
References
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xrsig-UY4zRUCG
CVE Name
CVE-2025-20248
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax: 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003
-----BEGIN PGP SIGNATURE-----
=5Qj3
-----END PGP SIGNATURE-----