CNNVD-202509-3816 Information

CNNVD ID

CNNVD-202509-3816

Related CVE

CVE-2025-20314

• CNNVD Published: 2025-09-24

Description (Chinese)

Cisco IOS XE是美国思科（Cisco）公司的一个操作系统。用于企业有线和无线访问，汇聚，核心和WAN的单一操作系统，Cisco IOS XE降低了业务和网络的复杂性。 Cisco IOS XE存在安全漏洞，该漏洞源于软件包验证不当，可能导致执行持久性代码和绕过安全功能。

Description (English)

Cisco IOS XE is an operating system of Cisco. Cisco IOS XE, a single operating system for Cable and Wireless Access, Convergence, Core and WAN, reduces the complexity of operations and networks. Cisco IOS XE has a security loophole, which stems from inadequate software package validation, which may lead to the implementation of persistent codes and the circumvention of security features.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Citadel

Published

2025-09-24

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secboot-UqFD8AvC https://access.redhat.com/security/cve/cve-2025-20314

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secboot-UqFD8AvC