
Cisco IOS XR Software CLI Privilege Escalation Vulnerabilities

Advisory ID: cisco-sa-iosxr-privesc-bF8D5U4W · Severity: High

Multiple vulnerabilities in Cisco IOS XR Software could allow an authenticated, local attacker to execute commands as root on the underlying operating system or gain full administrative control of an affected device. For more information about these vulnerabilities, see the Details section of this advisory.

Cisco has released software updates that address these vulnerabilities. A workaround is available for one of the vulnerabilities.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxr-privesc-bF8D5U4W

This advisory is part of the March 2026 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: March 2026 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication.

Workarounds

CVE-2026-20040: There are no workarounds that address this vulnerability.

CVE-2026-20046: A workaround exists only for devices that have TACACS+ authentication, authorization, and accounting (AAA) command authorization configured. Administrators can use this feature to permit access only to the commands that non-administrative users require and to deny access to all other commands.

While this workaround has been deployed and was proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer deployment scenarios and limitations. Customers should not deploy any workarounds or mitigations before first evaluating the applicability to their own environment and any impact to such environment.

CVEs: CVE-2026-20040, CVE-2026-20046

Cisco Bug IDs: CSCwp27221, CSCwp30135, CSCwp30142, CSCwp30146, CSCwp32614, CSCwp32629, CSCwp33021, CSCwp33030, CSCwp84685, CSCwp33034, CSCwp30149, CSCwp35627, CSCws24696, CSCws24717, CSCws24740, CSCwp87543

CVSS Score: Base 8.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:X/RL:X/RC:X)

Product Names From Source: Cisco IOS XR Software, Cisco IOS

Related Products

Product                              CVE             Evidence
Cisco Nexus Dashboard                CVE-2026-20046  Cisco OpenVuln
Cisco Nexus Dashboard                CVE-2026-20040  Cisco OpenVuln
Cisco IOS Software                   CVE-2026-20046  Cisco OpenVuln
Cisco IOS Software                   CVE-2026-20040  Cisco OpenVuln
Cisco Catalyst PON Series Switches   CVE-2026-20046  Cisco OpenVuln
Cisco Catalyst PON Series Switches   CVE-2026-20040  Cisco OpenVuln
Cisco IOS XR Software                CVE-2026-20046  Cisco OpenVuln
Cisco IOS XR Software                CVE-2026-20040  Cisco OpenVuln
Cisco IOS                            CVE-2026-20046  Cisco OpenVuln
Cisco IOS                            CVE-2026-20040  Cisco OpenVuln