CNNVD-202509-3818 Information

CNNVD ID

CNNVD-202509-3818

Related CVE

CVE-2025-20313

• CNNVD Published: 2025-09-24

Description (Chinese)

Cisco IOS XE是美国思科（Cisco）公司的一个操作系统。用于企业有线和无线访问，汇聚，核心和WAN的单一操作系统，Cisco IOS XE降低了业务和网络的复杂性。 Cisco IOS XE存在安全漏洞，该漏洞源于路径遍历和镜像完整性验证不当，可能导致执行持久性代码。

Description (English)

Cisco IOS XE is an operating system of Cisco. Cisco IOS XE, a single operating system for Cable and Wireless Access, Convergence, Core and WAN, reduces the complexity of operations and networks. Cisco IOS XE has a security loophole, which stems from inappropriate routing and mirror integrity verification, which may lead to the implementation of the persistent code.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Citadel

Published

2025-09-24

Last Modified

2026-02-24

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secboot-UqFD8AvC https://access.redhat.com/security/cve/cve-2025-20313

Patch

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secboot-UqFD8AvC