Privilege Escalation via CLI Task Group Misassignment in Cisco IOS XR
CVE-2026-20046 Published on March 11, 2026

Cisco IOS XR Software CLI Privilege Escalation Vulnerability
A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups within the source code. An attacker with a low-privileged account could exploit this vulnerability by using the CLI command to bypass the task group–based checks. A successful exploit could allow the attacker to elevate privileges and perform actions on an affected device without authorization checks.

NVD

Vulnerability Analysis

CVE-2026-20046 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to be very high.

Attack Vector:

LOCAL

Attack Complexity:

LOW

Privileges Required:

LOW

User Interaction:

NONE

Scope:

CHANGED

Confidentiality Impact:

HIGH

Integrity Impact:

HIGH

Availability Impact:

HIGH

Weakness Type

Permissions, Privileges, and Access Controls

Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control.

Products Associated with CVE-2026-20046

Want to know whenever a new CVE is published for Cisco Internetwork Operating System (IOS)? stack.watch will email you.

Cisco Internetwork Operating System (IOS)

Affected Versions

Cisco IOS XR Software:

Version 6.6.1 is affected.
Version 6.5.3 is affected.
Version 7.0.1 is affected.
Version 6.5.1 is affected.
Version 6.5.2 is affected.
Version 6.6.2 is affected.
Version 6.6.25 is affected.
Version 7.1.1 is affected.
Version 7.0.90 is affected.
Version 6.6.3 is affected.
Version 7.0.2 is affected.
Version 7.1.2 is affected.
Version 7.2.1 is affected.
Version 6.6.4 is affected.
Version 7.3.1 is affected.
Version 7.4.1 is affected.
Version 7.2.2 is affected.
Version 7.3.2 is affected.
Version 7.5.1 is affected.
Version 7.6.1 is affected.
Version 7.5.2 is affected.
Version 7.3.4 is affected.
Version 7.3.3 is affected.
Version 7.4.2 is affected.
Version 7.7.1 is affected.
Version 7.6.2 is affected.
Version 7.8.1 is affected.
Version 7.7.2 is affected.
Version 7.9.1 is affected.
Version 7.8.2 is affected.
Version 7.5.4 is affected.
Version 7.8.22 is affected.
Version 7.10.1 is affected.
Version 7.7.21 is affected.
Version 7.9.2 is affected.
Version 7.5.5 is affected.
Version 7.11.1 is affected.
Version 7.10.2 is affected.
Version 7.3.6 is affected.
Version 24.1.1 is affected.
Version 7.11.2 is affected.
Version 24.2.1 is affected.
Version 24.1.2 is affected.
Version 24.3.1 is affected.
Version 24.4.1 is affected.
Version 24.2.2 is affected.
Version 7.11.21 is affected.
Version 24.2.20 is affected.
Version 24.3.2 is affected.
Version 24.4.2 is affected.
Version 25.1.1 is affected.
Version 24.3.20 is affected.
Version 25.2.1 is affected.
Version 25.1.2 is affected.
Version 24.3.30 is affected.
Version 24.2.21 is affected.
Version 25.1.30 is affected.

Privilege Escalation via CLI Task Group Misassignment in Cisco IOS XRCVE-2026-20046 Published on March 11, 2026

Vulnerability Analysis

Weakness Type

Permissions, Privileges, and Access Controls

Products Associated with CVE-2026-20046

Affected Versions

Privilege Escalation via CLI Task Group Misassignment in Cisco IOS XR
CVE-2026-20046 Published on March 11, 2026