PT-2026-24729 · Cisco · Ios Xr

Publicado

2026-03-11

·

Atualizado

2026-03-13

·

CVE-2026-20046

CVSS v3.1

8.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Cisco IOS XR Software (affected versions not specified)
Description A flaw exists in the task group assignment for a specific Command Line Interface (CLI) command within the software. This could allow an authenticated, local attacker to gain administrative control of a device. The issue stems from an incorrect mapping of a command to task groups in the source code. An attacker with limited privileges can bypass task group-based checks by using the CLI command, potentially elevating their privileges and performing unauthorized actions.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

LPE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

Enumeração de Fraquezas

Identificadores relacionados

BDU:2026-05203
CVE-2026-20046

Produtos afetados

Ios Xr