Cisco has released security updates to address vulnerabilities that affect Cisco products running IOS XR software. These updates specifically target vulnerabilities identified as CVE-2025-20138, CVE-2025-20141, CVE-2025-20142, CVE-2025-20146, and CVE-2025-20209.

Affected Systems

• Network Convergence System (NCS) 540L

• NCS 1004, NCS 1010, NCS 1014

• IOS XR White Box (IOSXRWBD)

• NCS 540 Series Routers, NCS 5500 Series, NCS 5700 Series

• ASR 9000 Series Aggregation Services Routers

• ASR 9902 and ASR 9903 Compact High-Performance Routers.

Security Risks

If successfully exploited, the identified vulnerabilities in Cisco products could enable an attacker to take control of an affected system and carry out malicious activities.

For the full list of security patches released by Cisco, please refer to Cisco Security Advisories.

Recommended Actions

The National Cyber Security Authority (NCSA) recommends users and system administrators to:

1. Follow and put in place the security updates shared by Cisco to lower the risk of vulnerability exploitation.

2. Apply the required and latest security updates as soon as possible.

The released software versions available for upgrade include, but are not limited to:

• Upgrading your Cisco IOS XR to version 7.8, 7.10, or a later version.

• Applying the SMU on Cisco IOS XR version 7.9.2 or migrating to a fixed release

3. Before updating or patching, please ensure that you have the latest backup that can easily be restored.

For further information and support, please contact the National Cyber Security Authority (NCSA) by email to rwcsirt@ncsa.gov.rw or call us on 9009.

References

• cisco-sa-xrike-9wYGpRGq

• Cisco Security Advisories

• Cisco IOS XR Software Image Verification Bypass Vulnerability