Cisco has issued an advisory for a critical vulnerability (CVE-2025-20115) in its IOS XR software.
This vulnerability, found in the Border Gateway Protocol (BGP) confederation implementation, could allow an attacker to cause a denial of service (DoS).
The vulnerability results from memory corruption that occurs when a BGP update contains an AS_CONFED_SEQUENCE attribute that exceeds a specified length. The risk is significant for organizations running Cisco IOS XR with BGP confederation configured.
Cisco has released updates to address this issue. If immediate updates are not possible, a workaround is available: limit the BGP AS_CONFED_SEQUENCE attribute to 254 AS numbers or fewer.
Network administrators should review their configurations and apply the necessary updates or workaround to ensure network stability.
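The workaround's 254-AS-number limit can also be checked offline against AS_PATH attribute values taken from route dumps or packet captures. The Python below is an added example, not code from Cisco or from the advisory. Its function names are hypothetical, it assumes 4-octet AS numbers unless told otherwise, and it assumes the limit applies to the total across all AS_CONFED_SEQUENCE segments in a path.

```python
import struct

# Path segment type codes from RFC 4271 and RFC 5065.
AS_SET, AS_SEQUENCE, AS_CONFED_SEQUENCE, AS_CONFED_SET = 1, 2, 3, 4
MAX_CONFED_ASNS = 254  # limit given in the workaround above


def parse_as_path(value, asn_size=4):
    """Split an AS_PATH attribute value into (segment_type, [asn, ...]) tuples."""
    if asn_size not in (2, 4):
        raise ValueError("asn_size must be 2 or 4")
    fmt = "H" if asn_size == 2 else "I"
    segments, offset = [], 0
    while offset < len(value):
        if len(value) - offset < 2:
            raise ValueError("truncated segment header")
        seg_type, count = value[offset], value[offset + 1]
        if seg_type not in (AS_SET, AS_SEQUENCE, AS_CONFED_SEQUENCE, AS_CONFED_SET):
            raise ValueError(f"unknown segment type {seg_type}")
        end = offset + 2 + count * asn_size
        if end > len(value):
            raise ValueError("segment runs past the end of the attribute")
        asns = struct.unpack(f">{count}{fmt}", value[offset + 2:end])
        segments.append((seg_type, list(asns)))
        offset = end
    return segments


def classify(value, asn_size=4):
    """Return (verdict, count); count sums every AS_CONFED_SEQUENCE segment."""
    try:
        segments = parse_as_path(value, asn_size)
    except ValueError:
        return ("malformed", None)
    count = sum(len(asns) for t, asns in segments if t == AS_CONFED_SEQUENCE)
    return ("over-limit" if count > MAX_CONFED_ASNS else "ok", count)


def build_segment(seg_type, asns, asn_size=4):
    """Encode one segment; only used to build the constructed samples below."""
    fmt = "H" if asn_size == 2 else "I"
    return bytes([seg_type, len(asns)]) + struct.pack(f">{len(asns)}{fmt}", *asns)


if __name__ == "__main__":
    # Constructed samples with private-use ASNs, not captured traffic.
    at_limit = build_segment(AS_CONFED_SEQUENCE, [64512] * 254) + build_segment(AS_SEQUENCE, [65001])
    split = build_segment(AS_CONFED_SEQUENCE, [64512] * 200) + build_segment(AS_CONFED_SEQUENCE, [64513] * 55)
    print("at limit:", classify(at_limit))
    print("split across segments:", classify(split))
```

A path reported as "malformed" deserves the same attention as one reported "over-limit", since a segment whose declared count does not match the bytes present should not appear in a well-formed update.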