The vulnerability, tracked as CVE-2025-20115 with a CVSS score of 8.6, could allow unauthenticated, remote attackers to cause denial-of-service conditions on affected network infrastructure. According to Cisco’s security advisory released on March 12, 2025, an attacker could exploit this vulnerability by sending crafted BGP update messages to trigger memory corruption, which may force the BGP process to restart and result in a network-wide denial of service condition. This buffer overflow vulnerability, classified as CWE-120, represents a significant threat to network stability for organizations using Cisco IOS XR with BGP confederation configured.

The exploit path requires the attacker to control a BGP confederation speaker within the same autonomous system as the target, or a network configuration where the AS_CONFED_SEQUENCE attribute naturally grows beyond the threshold size. Cisco’s Product Security Incident Response Team (PSIRT) notes they are not aware of any malicious exploitation attempts in the wild.

Network administrators can determine if their devices are vulnerable by checking for BGP confederation configuration using the “show running-config router bgp” command. Organizations using affected versions should apply the relevant updates as soon as possible or implement the available workaround to restrict the BGP AS_CONFED_SEQUENCE attribute to 254 or fewer AS numbers. The policy that enforces this limit should then be applied to BGP neighbor configurations using “policy max-asns in” and “policy max-asns out” directives.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security.
This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 14 Mar 2025 12:05:06 +0000