PT-2025-8735 · Cisco · Cisco Nexus 3000 Series Switches and 2 more (see Affected Products)

Stephen Kubik · Published 2025-02-26 · Updated 2025-02-28 · CVE-2025-20161

CVSS v2.0: 5.2 (Medium)
Vector: AV:L/AC:L/Au:S/C:P/I:C/A:N
Name of the Vulnerable Software and Affected Versions
Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode (affected versions not specified).

Description
The software upgrade process performs insufficient validation of specific elements within a software image. An authenticated, local attacker who already holds valid Administrator credentials can exploit this by installing a crafted image, turning the image installation into a command injection against the underlying operating system and executing arbitrary commands there with root privileges. The practical impact is an escalation from NX-OS Administrator to root on the underlying operating system; it is not a remote or unauthenticated entry point.

Recommendations
For Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode, verify that the hash of any software image matches the value published by Cisco before installing it. This ensures the image being installed is the one Cisco shipped, but it does not remove the validation flaw itself. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
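As an added example (not part of this advisory and not Cisco's own tooling), the following POSIX shell function performs the recommended pre-install check on an operator workstation: it hashes a downloaded NX-OS image with SHA-512, normalizes the digest pasted from the download page (whitespace, letter case), refuses a digest that is not a SHA-512 value (for example an MD5 pasted by mistake), and reports OK only on an exact match. The image filename in the usage line is a placeholder, not a real release.

```shell
#!/bin/sh
# Added example, not from the advisory: verify a downloaded NX-OS image
# against its published SHA-512 digest before copying it to the switch.
set -u

# Compute the SHA-512 of a file as lowercase hex, using whichever of the
# common tools is installed (coreutils, Perl shasum, or OpenSSL).
image_sha512() {
    f=$1
    if command -v sha512sum >/dev/null 2>&1; then
        sha512sum "$f" | awk '{print $1}'
    elif command -v shasum >/dev/null 2>&1; then
        shasum -a 512 "$f" | awk '{print $1}'
    else
        openssl dgst -sha512 "$f" | awk '{print $NF}'
    fi
}

# Normalize a digest copied from a web page: drop whitespace, lowercase it.
normalize_digest() {
    printf '%s' "$1" | tr -d ' \t\r\n' | tr 'A-Z' 'a-z'
}

# verify_image_hash <image-file> <published-sha512>
# Exit status: 0 match, 1 mismatch, 2 missing file, 3 bad published digest.
verify_image_hash() {
    img=$1
    want=$(normalize_digest "$2")
    [ -f "$img" ] || { echo "no such image: $img" >&2; return 2; }
    # Refuse anything that is not hex, so a stray prefix or typo is caught.
    case "$want" in
        *[!0-9a-f]*) echo "published digest is not hex" >&2; return 3 ;;
    esac
    # A SHA-512 digest is exactly 128 hex characters; an MD5 (32) or
    # SHA-256 (64) value must not be silently compared against SHA-512.
    [ "${#want}" -eq 128 ] || {
        echo "published digest is not SHA-512 (${#want} chars)" >&2
        return 3
    }
    got=$(image_sha512 "$img")
    if [ "$got" = "$want" ]; then
        echo "OK   $img $got"
        return 0
    fi
    echo "FAIL $img" >&2
    echo "  expected $want" >&2
    echo "  got      $got" >&2
    return 1
}

# Usage (placeholder filename; paste the digest from Cisco's download page):
#   verify_image_hash nxos64-cs.EXAMPLE.bin "$(cat nxos64-cs.EXAMPLE.bin.sha512)" \
#       && scp nxos64-cs.EXAMPLE.bin admin@switch:bootflash:
```

Run this against the image before copying it to bootflash; once the file is on the switch, NX-OS can recompute the digest on-box with `show file bootflash:<image> sha512sum`, so the copy can be checked a second time before `install all`. A matching hash shows the image is unmodified in transit and at rest. It does not protect against an administrator who deliberately installs a crafted image, which is exactly the actor CVE-2025-20161 describes, so the check is a mitigation, not a fix.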

Weakness Enumeration

OS Command Injection

Related Identifiers

BDU:2025-05027
CVE-2025-20161

Affected Products

Cisco Nexus
Cisco Nexus 3000 Series Switches
Cisco Nexus 9000 Series Switches