CVE-2025-20340
BaseFortify

Publication date: 2025-09-10

Last updated on: 2025-09-11

Assigner: Cisco Systems, Inc.

Description
A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a broadcast storm, leading to a denial of service (DoS) condition on an affected device. This vulnerability is due to how Cisco IOS XR Software processes a high, sustained rate of ARP traffic arriving on the management interface. Under certain conditions, an attacker could exploit this vulnerability by sending an excessive amount of traffic to the management interface of an affected device, overwhelming its ARP processing capabilities. A successful exploit could result in degraded device performance, loss of management connectivity, and complete unresponsiveness of the system, leading to a DoS condition.
Meta Information
Published: 2025-09-10
Last Modified: 2025-09-11
Generated: 2026-06-16
AI Q&A: 2025-09-10
EPSS Evaluated: 2026-06-15
Affected Vendors & Products
Showing 4 associated CPEs

Vendor   Product   Version / Range
cisco    ios_xr    25.2.1
cisco    ios_xr    7.11
cisco    ios_xr    25.1.2
cisco    ios_xr    24.2.21
CWE ID    Description
CWE-400   The product does not properly control the allocation and maintenance of a limited resource.
AI Quick Actions
Executive Summary

This vulnerability exists in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software. An unauthenticated attacker who is adjacent to the device can send a high, sustained rate of ARP traffic to the management interface, causing an ARP broadcast storm. This overwhelms the device's ARP processing capabilities, leading to degraded performance, loss of management connectivity, and potentially complete system unresponsiveness, resulting in a denial of service (DoS) condition. [1]

Impact Analysis

If exploited, this vulnerability can cause a denial of service (DoS) on affected Cisco IOS XR devices by overwhelming the ARP processing on the management interface. This results in degraded device performance, loss of management connectivity, and potentially complete system unresponsiveness, which can disrupt network operations and management. [1]

Detection Guidance

This vulnerability can be detected by monitoring system logs for repeated packet drops related to ARP processing, specifically taildrops on the XIPC queue owned by the ARP process. Look for log entries indicating ARP-related queue taildrops, which suggest the device is overwhelmed by excessive ARP traffic on the management Ethernet interface. Specific commands are not provided in the resources. [1]

Mitigation Strategies

Immediate mitigation involves upgrading to the fixed Cisco IOS XR software releases that address this vulnerability. No workarounds exist, and Local Packet Transport Services (LPTS) provides no protection against this issue. Affected users should upgrade to the fixed releases, starting from versions 24.2.21, 25.1.2, or 25.2.1 depending on their current version. Customers without a service contract should contact Cisco TAC to obtain fixed software. [1]
