Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Kyaw_Myo_Oo
Advocate I
Thursday
Thursday

Cisco IOS XR Software Vulnerability Allows Attackers to Execute Commands as Root

Dear All,

 

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker to execute arbitrary commands as root on the underlying operating system of an affected device.

 

This vulnerability is due to insufficient validation of user arguments that are passed to specific CLI commands. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root and execute arbitrary commands.

 

https://cybersecuritynews.com/cisco-ios-xr-software-vulnerability-command/

 

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-priv-es...

 

 

 

 

 

Kyaw Myo Oo
Information Security Program Manager , CB BANK PCL
CCIE #58769 | CISSP | PMP | CCSM | SAA-C03 | PCNSE
Reply
0 Kudos
1 Reply
tatssa
Newcomer I
8 hours ago
8 hours ago

Thanks for sharing this! It’s always important to stay on top of security vulnerabilities, and I appreciate the heads-up. I’ll definitely look into this and make sure the right precautions are taken. Really appreciate the effort in keeping everyone informed!

Reply
0 Kudos