{"id":16959,"date":"2025-09-10T11:26:27","date_gmt":"2025-09-10T11:26:27","guid":{"rendered":"http:\/\/localhost\/?p=16959"},"modified":"2025-09-10T11:26:27","modified_gmt":"2025-09-10T11:26:27","slug":"cisco-ios-xr-software-management-interface-acl-bypass-vulnerability","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=16959","title":{"rendered":"Cisco IOS XR Software Management Interface ACL Bypass Vulnerability_CVE-2025-20159"},"content":{"rendered":"

{“lastseen”:””,”description”:”A vulnerability in the management interface access control list (ACL) processing feature in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass configured ACLs for the SSH, NetConf, and gRPC features.\\r\\n\\r\\nThis vulnerability exists because management interface ACLs have not been supported on Cisco IOS XR Software Packet I\/O infrastructure platforms for Linux-handled features such as SSH, NetConf, or gRPC. An attacker could exploit this vulnerability by attempting to send traffic to an affected device. A successful exploit could allow the attacker to bypass an ingress ACL that is applied on the management interface of the affected device.”,”published”:”2025-09-10T16:06:49.862Z”,”modified”:”2025-09-10T16:06:49.862Z”,”type”:”cve”,”title”:”Cisco IOS XR Software Management Interface ACL Bypass Vulnerability”,”source”:”cisco”,”references”:”https:\/\/sec.cloudapps.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-acl-packetio-Swjhhbtz”,”id”:”CVE-2025-20159″,”bulletinFamily”:””,”cwe”:null,”cvelist”:null,”sourceData”:”Cisco Cisco IOS XR Software 6.6.1\\nCisco Cisco IOS XR Software 6.5.3\\nCisco Cisco IOS XR Software 7.0.1\\nCisco Cisco IOS XR Software 6.6.11\\nCisco Cisco IOS XR Software 6.5.1\\nCisco Cisco IOS XR Software 6.5.2\\nCisco Cisco IOS XR Software 6.6.2\\nCisco Cisco IOS XR Software 6.6.12\\nCisco Cisco IOS XR Software 6.6.25\\nCisco Cisco IOS XR Software 7.1.1\\nCisco Cisco IOS XR Software 7.0.90\\nCisco Cisco IOS XR Software 6.6.3\\nCisco Cisco IOS XR Software 7.0.2\\nCisco Cisco IOS XR Software 7.1.2\\nCisco Cisco IOS XR Software 7.2.1\\nCisco Cisco IOS XR Software 7.0.11\\nCisco Cisco IOS XR Software 7.0.12\\nCisco Cisco IOS XR Software 7.0.14\\nCisco Cisco IOS XR Software 6.6.4\\nCisco Cisco IOS XR Software 7.2.12\\nCisco Cisco IOS XR Software 7.3.1\\nCisco Cisco IOS XR Software 7.4.1\\nCisco Cisco IOS XR Software 7.2.2\\nCisco Cisco IOS XR Software 7.3.15\\nCisco Cisco IOS XR Software 7.3.16\\nCisco Cisco IOS XR Software 7.4.15\\nCisco Cisco IOS XR Software 7.3.2\\nCisco Cisco IOS XR Software 7.5.1\\nCisco Cisco IOS XR Software 7.4.16\\nCisco Cisco IOS XR Software 7.3.27\\nCisco Cisco IOS XR Software 7.6.1\\nCisco Cisco IOS XR Software 7.5.2\\nCisco Cisco IOS XR Software 7.8.1\\nCisco Cisco IOS XR Software 7.6.15\\nCisco Cisco IOS XR Software 7.5.12\\nCisco Cisco IOS XR Software 7.8.12\\nCisco Cisco IOS XR Software 7.3.4\\nCisco Cisco IOS XR Software 7.3.3\\nCisco Cisco IOS XR Software 7.4.2\\nCisco Cisco IOS XR Software 7.7.1\\nCisco Cisco IOS XR Software 7.6.2\\nCisco Cisco IOS XR Software 7.5.3\\nCisco Cisco IOS XR Software 7.7.2\\nCisco Cisco IOS XR Software 7.9.1\\nCisco Cisco IOS XR Software 7.10.1\\nCisco Cisco IOS XR Software 7.8.2\\nCisco Cisco IOS XR Software 7.5.4\\nCisco Cisco IOS XR Software 7.8.22\\nCisco Cisco IOS XR Software 7.7.21\\nCisco Cisco IOS XR Software 7.9.2\\nCisco Cisco IOS XR Software 7.3.5\\nCisco Cisco IOS XR Software 7.5.5\\nCisco Cisco IOS XR Software 7.11.1\\nCisco Cisco IOS XR Software 7.10.2\\nCisco Cisco IOS XR Software 24.1.1\\nCisco Cisco IOS XR Software 7.3.6\\nCisco Cisco IOS XR Software 7.5.52\\nCisco Cisco IOS XR Software 7.11.2\\nCisco Cisco IOS XR Software 24.2.1\\nCisco Cisco IOS XR Software 24.1.2\\nCisco Cisco IOS XR Software 24.2.11\\nCisco Cisco IOS XR Software 24.3.1\\nCisco Cisco IOS XR Software 24.4.1\\nCisco Cisco IOS XR Software 24.2.2\\nCisco Cisco IOS XR Software 7.11.21\\nCisco Cisco IOS XR Software 24.2.20\\nCisco Cisco IOS XR Software 24.3.2\\nCisco Cisco IOS XR Software 25.1.1\\nCisco Cisco IOS XR Software 24.4.2\\nCisco Cisco IOS XR Software 24.3.20\\nCisco Cisco IOS XR Software 25.1.2\\nCisco Cisco IOS XR Software 24.3.30\\nCisco Cisco IOS XR Software 24.4.30\\nCisco Cisco IOS XR Software 24.2.21″,”sourceHref”:””,”cvss”:{“score”:5.3,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:N\/I:L\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”Cisco IOS XR Software”,”version”:”6.6.1″,”vendor”:”Cisco”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:””,”description”:”A vulnerability in the management interface access control list (ACL) processing feature in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,22,12,21,13,7,11,5],"class_list":["post-16959","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-53","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\nCisco IOS XR Software Management Interface ACL Bypass Vulnerability_CVE-2025-20159 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=16959\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Cisco IOS XR Software Management Interface ACL Bypass Vulnerability_CVE-2025-20159 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:””,”description”:”A vulnerability in the management interface access control list (ACL) processing feature in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=16959\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-10T11:26:27+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=16959#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=16959\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Cisco IOS XR Software Management Interface ACL Bypass Vulnerability_CVE-2025-20159\",\"datePublished\":\"2025-09-10T11:26:27+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=16959\"},\"wordCount\":609,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"CVSS-5.3\",\"exploit\",\"MEDIUM\",\"news\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_cve\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=16959#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=16959\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=16959\",\"name\":\"Cisco IOS XR Software Management Interface ACL Bypass Vulnerability_CVE-2025-20159 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2025-09-10T11:26:27+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=16959#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=16959\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=16959#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Cisco IOS XR Software Management Interface ACL Bypass Vulnerability_CVE-2025-20159\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Cisco IOS XR Software Management Interface ACL Bypass Vulnerability_CVE-2025-20159 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=16959","og_locale":"en_US","og_type":"article","og_title":"Cisco IOS XR Software Management Interface ACL Bypass Vulnerability_CVE-2025-20159 - zero redgem","og_description":"{“lastseen”:””,”description”:”A vulnerability in the management interface access control list (ACL) processing feature in Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass...","og_url":"https:\/\/zero.redgem.net\/?p=16959","og_site_name":"zero redgem","article_published_time":"2025-09-10T11:26:27+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=16959#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=16959"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Cisco IOS XR Software Management Interface ACL Bypass Vulnerability_CVE-2025-20159","datePublished":"2025-09-10T11:26:27+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=16959"},"wordCount":609,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","CVSS-5.3","exploit","MEDIUM","news","Security","tapic","Vulnerability"],"articleSection":["category_cve"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=16959#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=16959","url":"https:\/\/zero.redgem.net\/?p=16959","name":"Cisco IOS XR Software Management Interface ACL Bypass Vulnerability_CVE-2025-20159 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2025-09-10T11:26:27+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=16959#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=16959"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=16959#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Cisco IOS XR Software Management Interface ACL Bypass Vulnerability_CVE-2025-20159"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/16959","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16959"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/16959\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16959"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16959"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16959"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}