Forwarded from Taiwan Computer Network Crisis Management and Coordination Center: Cybersecurity Alert TWCERTCC-200-202603-00000013
[Content Description]
Cisco recently released a high-severity security advisory for IOS XR Software covering two CLI privilege escalation vulnerabilities (CVE-2026-20040, CVSS 8.8, and CVE-2026-20046, CVSS 8.8). CVE-2026-20040 could allow an authenticated local attacker to execute arbitrary commands as root on the underlying operating system of an affected device; CVE-2026-20046 lies in the task group assignments of specific CLI commands and could allow an authenticated local attacker to escalate privileges and gain full administrative control of an affected device.
[Affected Platforms]
Cisco IOS XR Software versions 25.1 and earlier
Cisco IOS XR Software version 25.2
Cisco IOS XR Software version 25.3
Cisco IOS XR Software version 25.4
[Recommended Actions]
Please update to the following versions:
【CVE-2026-20040】Cisco IOS XR Software version 25.2.21; Cisco IOS XR Software version 25.4.2
Note: For Cisco IOS XR Software versions 25.1 and earlier, and 25.3, please migrate to the fixed version.
【CVE-2026-20046】Cisco IOS XR Software version 25.2.2
Note: For Cisco IOS XR Software versions 25.1 and earlier, please migrate to the fixed version.
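As an added inventory check (not part of the TWCERT or Cisco advisory), the script below parses the release number from constructed "show version" text and maps it to the remediation the advisory states for each CVE; the FIXED table is transcribed from the version lists above, and trains the advisory lists as affected without naming a fixed release are marked as such rather than guessed.

```python
import re
from typing import Optional, Tuple

Version = Tuple[int, ...]

# Fix table transcribed from the advisory text above.
# A tuple is the fixed release for that train; "migrate" means the advisory says
# to migrate to a fixed release; None means the train is in the affected list
# but the advisory gives no fixed release for this CVE.
FIXED = {
    "CVE-2026-20040": {(25, 2): (25, 2, 21), (25, 3): "migrate", (25, 4): (25, 4, 2)},
    "CVE-2026-20046": {(25, 2): (25, 2, 2), (25, 3): None, (25, 4): None},
}

# Constructed sample; the regex assumes the "Cisco IOS XR Software, Version X.Y.Z" banner form.
SAMPLE_SHOW_VERSION = "Cisco IOS XR Software, Version 25.2.1\nCopyright (c) Cisco Systems, Inc.\n"
VERSION_RE = re.compile(r"Cisco IOS XR Software.*?Version\s+(\d+(?:\.\d+)+)")


def parse_version(show_version_output: str) -> Version:
    """Extract the release number as an integer tuple for ordered comparison."""
    m = VERSION_RE.search(show_version_output)
    if not m:
        raise ValueError("no IOS XR version string found")
    return tuple(int(p) for p in m.group(1).split("."))


def fmt(v: Version) -> str:
    return ".".join(str(p) for p in v)


def assess(version: Version, cve: str) -> Tuple[str, str]:
    """Return (status, action) for one CVE according to the advisory's version notes."""
    train = version[:2]
    if train < (25, 2):  # "25.1 and earlier"
        return "affected", "migrate to a fixed release"
    table = FIXED[cve]
    if train not in table:
        return "unknown", f"train {fmt(train)} not covered by this advisory"
    fixed = table[train]
    if fixed == "migrate":
        return "affected", "migrate to a fixed release"
    if fixed is None:
        return "affected", "listed as affected; no fixed release given for this train"
    if version >= fixed:
        return "fixed", f"running {fmt(fixed)} or later"
    return "affected", f"upgrade to {fmt(fixed)}"


if __name__ == "__main__":
    v = parse_version(SAMPLE_SHOW_VERSION)
    for cve in FIXED:
        print(fmt(v), cve, *assess(v, cve))
```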
[References]
1. https://www.twcert.org.tw/tw/cp-169-10780-6b3d3-1.html