CVE-2025-20164

Summary

A vulnerability in the Cisco Industrial Ethernet Switch Device Manager (DM) of Cisco IOS Software could allow an authenticated, remote attacker to elevate privileges. This vulnerability is due to insufficient validation of authorizations for authenticated users. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to elevate privileges to privilege level 15. To exploit this vulnerability, the attacker must have valid credentials for a user account with privilege level 5 or higher. Read-only DM users are assigned privilege level 5.

Affected Software

VendorProductVersion RangeStatus
CiscoIOS15.0(2)SE8affected
CiscoIOS15.0(2)EAaffected
CiscoIOS15.0(2)EA1affected
CiscoIOS15.2(2)Eaffected
CiscoIOS15.2(2)E1affected
CiscoIOS15.2(3)E1affected
CiscoIOS15.2(2)E2affected
CiscoIOS15.2(2)E3affected
CiscoIOS15.2(2a)E2affected
CiscoIOS15.2(3)E2affected
CiscoIOS15.2(3)E3affected
CiscoIOS15.2(2)E4affected
CiscoIOS15.2(2)E5affected
CiscoIOS15.2(3)E4affected
CiscoIOS15.2(5)Eaffected
CiscoIOS15.2(2)E6affected
CiscoIOS15.2(5)E1affected
CiscoIOS15.2(2)E5aaffected
CiscoIOS15.2(5a)E1affected
CiscoIOS15.2(2)E7affected
CiscoIOS15.2(5)E2affected
CiscoIOS15.2(6)Eaffected
CiscoIOS15.2(5)E2caffected
CiscoIOS15.2(2)E8affected
CiscoIOS15.2(6)E0aaffected
CiscoIOS15.2(6)E1affected
CiscoIOS15.2(6)E0caffected
CiscoIOS15.2(2)E9affected
CiscoIOS15.2(7)Eaffected
CiscoIOS15.2(2)E10affected
CiscoIOS15.2(6)E2aaffected
CiscoIOS15.2(7)E0baffected
CiscoIOS15.2(7)E0saffected
CiscoIOS15.2(6)E3affected
CiscoIOS15.2(7)E2affected
CiscoIOS15.2(7)E3affected
CiscoIOS15.2(7)E1aaffected
CiscoIOS15.2(7)E4affected
CiscoIOS15.2(8)Eaffected
CiscoIOS15.2(8)E1affected
CiscoIOS15.2(7)E5affected
CiscoIOS15.2(7)E6affected
CiscoIOS15.2(8)E2affected
CiscoIOS15.2(7)E7affected
CiscoIOS15.2(8)E3affected
CiscoIOS15.2(7)E8affected
CiscoIOS15.2(8)E4affected
CiscoIOS15.2(7)E9affected
CiscoIOS15.2(8)E5affected
CiscoIOS15.2(8)E6affected
CiscoIOS15.2(7)E10affected
CiscoIOS15.2(7)E11affected
CiscoIOS15.2(1)EYaffected
CiscoIOS15.0(2)EKaffected
CiscoIOS15.0(2)EK1affected
CiscoIOS15.2(2)EBaffected
CiscoIOS15.2(2)EB1affected
CiscoIOS15.2(2)EB2affected
CiscoIOS15.2(6)EBaffected
CiscoIOS15.2(2)EAaffected
CiscoIOS15.2(2)EA2affected
CiscoIOS15.2(3)EAaffected
CiscoIOS15.2(4)EAaffected
CiscoIOS15.2(4)EA1affected
CiscoIOS15.2(2)EA3affected
CiscoIOS15.2(4)EA4affected
CiscoIOS15.2(4)EA5affected
CiscoIOS15.2(4)EA6affected
CiscoIOS15.2(4)EA7affected
CiscoIOS15.2(4)EA8affected
CiscoIOS15.2(4)EA9affected
CiscoIOS15.2(4)EA9aaffected
CiscoIOS15.2(4)EC1affected
CiscoIOS15.2(4)EC2affected
CiscoIOS15.3(3)JPUaffected

Weaknesses

  • CWE-862: Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References