CVE-2025-20181

Name of the Vulnerable Software and Affected Versions Cisco IOS Software for Cisco Catalyst 2960X, 2960XR, 2960CX, and 3560CX Series Switches (affected versions not specified)

Description A vulnerability in the software could allow an authenticated, local attacker with high privilege levels or an unauthenticated attacker with physical access to the device to execute persistent code at boot time, breaking the chain of trust. This issue arises from missing signature verification for specific files loaded during the device boot process. An attacker could exploit this by placing a crafted file in a specific location on an affected device, potentially allowing the execution of arbitrary code at boot time.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.