Cisco IOS XE CLI Auth Priv Escalation to Root
CVE-2025-20338 Published on September 24, 2025
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker with administrative privileges to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker could exploit this vulnerability by logging in to the device CLI with valid administrative (level 15) credentials and using crafted commands at the CLI prompt. A successful exploit could allow the attacker to execute arbitrary commands as root.
Vulnerability Analysis
CVE-2025-20338 is exploitable with local system access and requires user privileges. The vulnerability is considered to have a low attack complexity. A successful exploit is considered to have a high impact on confidentiality and integrity, and no impact on availability.
Weakness Type
Improper Neutralization of Parameter/Argument Delimiters
The software receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as parameter or argument delimiters when they are sent to a downstream component. As data is parsed, an injected/absent/malformed delimiter may cause the process to take unexpected actions.
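The weakness class described above, shown as an added example that is not Cisco code and does not reproduce the IOS XE flaw, whose details are not given on this page. The helper, its options and the sample inputs are hypothetical and constructed; the example contrasts an upstream layer that lets a user value introduce argument delimiters with one that validates the value and passes it as a single operand.

```python
import re

def downstream_parse(argv):
    """Hypothetical downstream helper: split argv into options and operands."""
    opts, operands = {}, []
    tokens = iter(argv)
    end_of_opts = False
    for tok in tokens:
        if not end_of_opts and tok == "--":
            end_of_opts = True              # everything after "--" is an operand
        elif not end_of_opts and tok.startswith("--"):
            opts[tok[2:]] = next(tokens, "")  # a later option overrides an earlier one
        else:
            operands.append(tok)
    return opts, operands

def build_argv_unsafe(filename):
    """Weak form: the user value is pasted into one string and re-split on
    whitespace, so a space inside the value acts as an argument delimiter."""
    line = "--mode read-only " + filename
    return line.split()

# Allowlist for the operand: no whitespace, no shell or option metacharacters.
SAFE_NAME = re.compile(r"[A-Za-z0-9._-]{1,64}")

def build_argv_safe(filename):
    """Hardened form: validate, then pass the value as exactly one argv
    element placed after "--" so it can never be read as an option."""
    if not SAFE_NAME.fullmatch(filename) or filename.startswith("-"):
        raise ValueError("rejected argument: %r" % (filename,))
    return ["--mode", "read-only", "--", filename]

if __name__ == "__main__":
    crafted = "report.txt --mode read-write"   # constructed sample input
    print("unsafe:", downstream_parse(build_argv_unsafe(crafted)))
    print("safe:  ", downstream_parse(build_argv_safe("report.txt")))
    try:
        build_argv_safe(crafted)
    except ValueError as exc:
        print("safe:  ", exc)
```

In the weak form the downstream helper ends up with the mode taken from the user value rather than from the upstream layer; the hardened form rejects the same input before it reaches the helper.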
Products Associated with CVE-2025-20338
Affected Versions
Cisco IOS XE Software:
- Version 3.5.0E is affected.
- Version 3.5.1E is affected.
- Version 3.5.2E is affected.
- Version 3.5.3E is affected.
- Version 3.11.1S is affected.
- Version 3.11.2S is affected.
- Version 3.11.0S is affected.
- Version 3.11.3S is affected.
- Version 3.11.4S is affected.
- Version 3.12.0S is affected.
- Version 3.12.1S is affected.
- Version 3.12.2S is affected.
- Version 3.12.3S is affected.
- Version 3.12.0aS is affected.
- Version 3.12.4S is affected.
- Version 3.13.0S is affected.
- Version 3.13.1S is affected.
- Version 3.13.2S is affected.
- Version 3.13.3S is affected.
- Version 3.13.4S is affected.
- Version 3.13.5S is affected.
- Version 3.13.2aS is affected.
- Version 3.13.0aS is affected.
- Version 3.13.5aS is affected.
- Version 3.13.6S is affected.
- Version 3.13.7S is affected.
- Version 3.13.6aS is affected.
- Version 3.13.7aS is affected.
- Version 3.13.8S is affected.
- Version 3.13.9S is affected.
- Version 3.13.10S is affected.
- Version 3.6.0E is affected.
- Version 3.6.1E is affected.
- Version 3.6.2aE is affected.
- Version 3.6.2E is affected.
- Version 3.6.3E is affected.
- Version 3.6.4E is affected.
- Version 3.6.5E is affected.
- Version 3.6.6E is affected.
- Version 3.6.5aE is affected.
- Version 3.6.7E is affected.
- Version 3.6.8E is affected.
- Version 3.6.7bE is affected.
- Version 3.6.9E is affected.
- Version 3.6.10E is affected.
- Version 3.14.0S is affected.
- Version 3.14.1S is affected.
- Version 3.14.2S is affected.
- Version 3.14.3S is affected.
- Version 3.14.4S is affected.
- Version 3.15.0S is affected.
- Version 3.15.1S is affected.
- Version 3.15.2S is affected.
- Version 3.15.1cS is affected.
- Version 3.15.3S is affected.
- Version 3.15.4S is affected.
- Version 3.7.0E is affected.
- Version 3.7.1E is affected.
- Version 3.7.2E is affected.
- Version 3.7.3E is affected.
- Version 3.7.4E is affected.
- Version 3.7.5E is affected.
- Version 3.5.0SQ is affected.
- Version 3.5.1SQ is affected.
- Version 3.5.2SQ is affected.
- Version 3.5.3SQ is affected.
- Version 3.5.4SQ is affected.
- Version 3.5.5SQ is affected.
- Version 3.5.6SQ is affected.
- Version 3.5.7SQ is affected.
- Version 3.5.8SQ is affected.
- Version 3.16.0S is affected.
- Version 3.16.1S is affected.
- Version 3.16.1aS is affected.
- Version 3.16.2S is affected.
- Version 3.16.2aS is affected.
- Version 3.16.0cS is affected.
- Version 3.16.3S is affected.
- Version 3.16.2bS is affected.
- Version 3.16.3aS is affected.
- Version 3.16.4S is affected.
- Version 3.16.4aS is affected.
- Version 3.16.4bS is affected.
- Version 3.16.5S is affected.
- Version 3.16.4dS is affected.
- Version 3.16.6S is affected.
- Version 3.16.7S is affected.
- Version 3.16.6bS is affected.
- Version 3.16.7aS is affected.
- Version 3.16.7bS is affected.
- Version 3.16.8S is affected.
- Version 3.16.9S is affected.
- Version 3.16.10S is affected.
- Version 3.17.0S is affected.
- Version 3.17.1S is affected.
- Version 3.17.2S is affected.
- Version 3.17.1aS is affected.
- Version 3.17.3S is affected.
- Version 3.17.4S is affected.
- Version 3.8.0E is affected.
- Version 3.8.1E is affected.
- Version 3.8.2E is affected.
- Version 3.8.3E is affected.
- Version 3.8.4E is affected.
- Version 3.8.5E is affected.
- Version 3.8.5aE is affected.
- Version 3.8.6E is affected.
- Version 3.8.7E is affected.
- Version 3.8.8E is affected.
- Version 3.8.9E is affected.
- Version 3.8.10E is affected.
- Version 3.8.10eE is affected.
- Version 3.18.0aS is affected.
- Version 3.18.0S is affected.
- Version 3.18.1S is affected.
- Version 3.18.2S is affected.
- Version 3.18.3S is affected.
- Version 3.18.4S is affected.
- Version 3.18.0SP is affected.
- Version 3.18.1SP is affected.
- Version 3.18.1aSP is affected.
- Version 3.18.1bSP is affected.
- Version 3.18.1cSP is affected.
- Version 3.18.2SP is affected.
- Version 3.18.2aSP is affected.
- Version 3.18.3SP is affected.
- Version 3.18.4SP is affected.
- Version 3.18.3aSP is affected.
- Version 3.18.3bSP is affected.
- Version 3.18.5SP is affected.
- Version 3.18.6SP is affected.
- Version 3.18.7SP is affected.
- Version 3.18.8aSP is affected.
- Version 3.18.9SP is affected.
- Version 3.9.0E is affected.
- Version 3.9.1E is affected.
- Version 3.9.2E is affected.
- Version 16.6.1 is affected.
- Version 16.6.2 is affected.
- Version 16.6.3 is affected.
- Version 16.6.4 is affected.
- Version 16.6.5 is affected.
- Version 16.6.4a is affected.
- Version 16.6.5a is affected.
- Version 16.6.6 is affected.
- Version 16.6.7 is affected.
- Version 16.6.8 is affected.
- Version 16.6.9 is affected.
- Version 16.6.10 is affected.
- Version 16.7.1 is affected.
- Version 16.7.1a is affected.
- Version 16.7.1b is affected.
- Version 16.7.2 is affected.
- Version 16.7.3 is affected.
- Version 16.7.4 is affected.
- Version 16.8.1 is affected.
- Version 16.8.1a is affected.
- Version 16.8.1b is affected.
- Version 16.8.1s is affected.
- Version 16.8.1c is affected.
- Version 16.8.1d is affected.
- Version 16.8.2 is affected.
- Version 16.8.1e is affected.
- Version 16.8.3 is affected.
- Version 16.9.1 is affected.
- Version 16.9.2 is affected.
- Version 16.9.1a is affected.
- Version 16.9.1b is affected.
- Version 16.9.1s is affected.
- Version 16.9.3 is affected.
- Version 16.9.4 is affected.
- Version 16.9.3a is affected.
- Version 16.9.5 is affected.
- Version 16.9.5f is affected.
- Version 16.9.6 is affected.
- Version 16.9.7 is affected.
- Version 16.9.8 is affected.
- Version 16.10.1 is affected.
- Version 16.10.1a is affected.
- Version 16.10.1b is affected.
- Version 16.10.1s is affected.
- Version 16.10.1c is affected.
- Version 16.10.1e is affected.
- Version 16.10.1d is affected.
- Version 16.10.2 is affected.
- Version 16.10.1f is affected.
- Version 16.10.1g is affected.
- Version 16.10.3 is affected.
- Version 3.10.0E is affected.
- Version 3.10.1E is affected.
- Version 3.10.0cE is affected.
- Version 3.10.2E is affected.
- Version 3.10.3E is affected.
- Version 16.11.1 is affected.
- Version 16.11.1a is affected.
- Version 16.11.1b is affected.
- Version 16.11.2 is affected.
- Version 16.11.1s is affected.
- Version 16.12.1 is affected.
- Version 16.12.1s is affected.
- Version 16.12.1a is affected.
- Version 16.12.1c is affected.
- Version 16.12.1w is affected.
- Version 16.12.2 is affected.
- Version 16.12.1y is affected.
- Version 16.12.2a is affected.
- Version 16.12.3 is affected.
- Version 16.12.8 is affected.
- Version 16.12.2s is affected.
- Version 16.12.1x is affected.
- Version 16.12.1t is affected.
- Version 16.12.4 is affected.
- Version 16.12.3s is affected.
- Version 16.12.3a is affected.
- Version 16.12.4a is affected.
- Version 16.12.5 is affected.
- Version 16.12.6 is affected.
- Version 16.12.1z1 is affected.
- Version 16.12.5a is affected.
- Version 16.12.5b is affected.
- Version 16.12.1z2 is affected.
- Version 16.12.6a is affected.
- Version 16.12.7 is affected.
- Version 16.12.9 is affected.
- Version 16.12.10 is affected.
- Version 16.12.10a is affected.
- Version 16.12.11 is affected.
- Version 16.12.12 is affected.
- Version 16.12.13 is affected.
- Version 3.11.0E is affected.
- Version 3.11.1E is affected.
- Version 3.11.2E is affected.
- Version 3.11.3E is affected.
- Version 3.11.1aE is affected.
- Version 3.11.4E is affected.
- Version 3.11.3aE is affected.
- Version 3.11.5E is affected.
- Version 3.11.6E is affected.
- Version 3.11.7E is affected.
- Version 3.11.8E is affected.
- Version 3.11.9E is affected.
- Version 3.11.10E is affected.
- Version 3.11.11E is affected.
- Version 3.11.12E is affected.
- Version 17.1.1 is affected.
- Version 17.1.1a is affected.
- Version 17.1.1s is affected.
- Version 17.1.1t is affected.
- Version 17.1.3 is affected.
- Version 17.2.1 is affected.
- Version 17.2.1r is affected.
- Version 17.2.1a is affected.
- Version 17.2.1v is affected.
- Version 17.2.2 is affected.
- Version 17.2.3 is affected.
- Version 17.3.1 is affected.
- Version 17.3.2 is affected.
- Version 17.3.3 is affected.
- Version 17.3.1a is affected.
- Version 17.3.1w is affected.
- Version 17.3.2a is affected.
- Version 17.3.1x is affected.
- Version 17.3.1z is affected.
- Version 17.3.4 is affected.
- Version 17.3.5 is affected.
- Version 17.3.4a is affected.
- Version 17.3.6 is affected.
- Version 17.3.4b is affected.
- Version 17.3.4c is affected.
- Version 17.3.5a is affected.
- Version 17.3.5b is affected.
- Version 17.3.7 is affected.
- Version 17.3.8 is affected.
- Version 17.3.8a is affected.
- Version 17.4.1 is affected.
- Version 17.4.2 is affected.
- Version 17.4.1a is affected.
- Version 17.4.1b is affected.
- Version 17.4.2a is affected.
- Version 17.5.1 is affected.
- Version 17.5.1a is affected.
- Version 17.6.1 is affected.
- Version 17.6.2 is affected.
- Version 17.6.1w is affected.
- Version 17.6.1a is affected.
- Version 17.6.1x is affected.
- Version 17.6.3 is affected.
- Version 17.6.1y is affected.
- Version 17.6.1z is affected.
- Version 17.6.3a is affected.
- Version 17.6.4 is affected.
- Version 17.6.1z1 is affected.
- Version 17.6.5 is affected.
- Version 17.6.6 is affected.
- Version 17.6.6a is affected.
- Version 17.6.5a is affected.
- Version 17.6.7 is affected.
- Version 17.6.8 is affected.
- Version 17.6.8a is affected.
- Version 17.7.1 is affected.
- Version 17.7.1a is affected.
- Version 17.7.1b is affected.
- Version 17.7.2 is affected.
- Version 17.10.1 is affected.
- Version 17.10.1a is affected.
- Version 17.10.1b is affected.
- Version 17.8.1 is affected.
- Version 17.8.1a is affected.
- Version 17.9.1 is affected.
- Version 17.9.1w is affected.
- Version 17.9.2 is affected.
- Version 17.9.1a is affected.
- Version 17.9.1x is affected.
- Version 17.9.1y is affected.
- Version 17.9.3 is affected.
- Version 17.9.2a is affected.
- Version 17.9.1x1 is affected.
- Version 17.9.3a is affected.
- Version 17.9.4 is affected.
- Version 17.9.1y1 is affected.
- Version 17.9.5 is affected.
- Version 17.9.4a is affected.
- Version 17.9.5a is affected.
- Version 17.9.5b is affected.
- Version 17.9.6 is affected.
- Version 17.9.6a is affected.
- Version 17.9.7 is affected.
- Version 17.9.5e is affected.
- Version 17.9.5f is affected.
- Version 17.9.7a is affected.
- Version 17.9.7b is affected.
- Version 17.11.1 is affected.
- Version 17.11.1a is affected.
- Version 17.12.1 is affected.
- Version 17.12.1w is affected.
- Version 17.12.1a is affected.
- Version 17.12.1x is affected.
- Version 17.12.2 is affected.
- Version 17.12.3 is affected.
- Version 17.12.2a is affected.
- Version 17.12.1y is affected.
- Version 17.12.1z is affected.
- Version 17.12.4 is affected.
- Version 17.12.3a is affected.
- Version 17.12.1z1 is affected.
- Version 17.12.1z2 is affected.
- Version 17.12.4a is affected.
- Version 17.12.5 is affected.
- Version 17.12.4b is affected.
- Version 17.12.1z3 is affected.
- Version 17.12.5a is affected.
- Version 17.12.1z4 is affected.
- Version 17.12.5b is affected.
- Version 17.12.5c is affected.
- Version 17.13.1 is affected.
- Version 17.13.1a is affected.
- Version 17.14.1 is affected.
- Version 17.14.1a is affected.
- Version 17.15.1 is affected.
- Version 17.15.1w is affected.
- Version 17.15.1a is affected.
- Version 17.15.2 is affected.
- Version 17.15.1b is affected.
- Version 17.15.1x is affected.
- Version 17.15.1z is affected.
- Version 17.15.3 is affected.
- Version 17.15.2c is affected.
- Version 17.15.2a is affected.
- Version 17.15.1y is affected.
- Version 17.15.2b is affected.
- Version 17.15.3a is affected.
- Version 17.15.3b is affected.
- Version 17.16.1 is affected.
- Version 17.16.1a is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.