BugZero | Cisco BugID CSCwo38903 - Cisco IOS XE Software Secure Boot Bypass Vulnerabi...

Cisco - Defect ID: CSCwo38903

Cisco IOS XE Software Secure Boot Bypass Vulnerability

Cisco - Defect ID: CSCwo38903

Cisco IOS XE Software Secure Boot Bypass Vulnerability

Last updated on January 15th, 2026

BugZero Risk Score
7.8 High

Overall: 7.8

Severity: 8.2

Lifecycle: 9.1

Popularity: 5.1

What is the BugZero Risk Score?

Cisco Integration

Learn more about where this data comes from

Cisco Integration

Learn more

Bug Scrub Advisor

Streamline upgrades with automated vendor bug scrubs

Bug Scrub Advisor

Learn more

BugZero Enterprise

Wish you caught this bug sooner? Get proactive today.

BugZero Enterprise

Learn more

Bug Details

Views: 13

Description

Symptom

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker with level-15 privileges or an unauthenticated attacker with physical access to an affected device to execute persistent code at boot time and break the chain of trust.This vulnerability is due improper validation of software packages. An attacker could exploit these vulnerabilities by placing a crafted file into a specific location on an affected device. A successful exploit could allow the attacker to execute persistent code on the underlying operating system. Because this vulnerability allows an attacker to bypass a major security feature of a device, Cisco has raised the Security Impact Rating (SIR) of this advisory from Medium to High. The Cisco Product Security Incident Response Team (PSIRT) validates only the affected and fixed release information that is documented in this advisory.

Conditions

For information on fixed versions of software consult the Cisco IOS Software checker: https:/sec.cloudapps.cisco.com/security/center/softwarechecker.x See Vulnerable Products Section of the advisory for full details: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-secboot-UqFD8AvC#vp

Workaround

There are no workarounds that address this vulnerability.

Further Problem Description

Please refer to the Security Advisory.

PSIRT Evaluation

The Cisco PSIRT has assigned this bug the following CVSS version 3 score. The Base CVSS score as of the time of evaluation is 6.7: https://sec.cloudapps.cisco.com/security/center/cvssCalculator.x?version=3.0&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H CVE ID CVE-2025-20313 has been assigned to document this issue. Additional information on Cisco's security vulnerability policy can be found at the following URL: https://sec.cloudapps.cisco.com/security/center/resources/security_vulnerability_policy.html

Change history

2026-01-15 Added: 17.18.1

Relevant Products

Click on a version to see all relevant bugs

Affected versions:17.18.1

Fixed versions: 17.12.1z5, 17.12.1z6, 17.12.5d, 17.12.6, 17.12.6a, 17.15.1z, 17.15.4, 17.15.4a, 17.15.4b, 17.15.4c, 17.15.4d, 17.15.4s1, 17.18.1, 17.18.1a, 17.18.1w, 17.18.2, 17.9.8, Cupertino-17.9.8, Dublin-17.12.6

Relevant Products

Click on a version to see all relevant bugs

Affected versions:17.18.1

Top Cisco Defects

No bugs this month

Ready to prevent the next vendor outage?

Get a demo

Cisco - Defect ID: CSCwo38903

Cisco IOS XE Software Secure Boot Bypass Vulnerability

Cisco - Defect ID: CSCwo38903

Cisco IOS XE Software Secure Boot Bypass Vulnerability

Last updated on January 15th, 2026

BugZero Risk Score7.8 High

Bug Details

Symptom

Conditions

Workaround

Further Problem Description

PSIRT Evaluation

Top Cisco Defects

Ready to prevent the next vendor outage?

Links

BugZero Risk Score
7.8 High