Vulnerability Details
Basic Information
| Title | CVE-2025-20155 |
|---|---|
| Type | cve |
| Published | 2025-05-07T18:15:37 |
| Last Seen | 2025-05-07T18:24:32 |
| CVSS Score | 6.0 (MEDIUM) |
CVSS v3 Details
| Attack Vector | LOCAL |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | HIGH |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | NONE |
CVE Information
| CVE IDs | CVE-2025-20155 |
|---|---|
| CWE | CWE-1287 |
| Bulletin Family | cve |
Description
A vulnerability in the bootstrap loading of Cisco IOS XE Software could allow an authenticated, local attacker to write arbitrary files to an affected system. This vulnerability is due to insufficient input validation of the bootstrap file that is…
Impact Assessment
| Base Score | 6.0 |
|---|---|
| Severity | MEDIUM |