CVE Alert

CVE-2025-20160

Severity: HIGH
CVSS Score: 8.1
EPSS Score: 0.0%
EPSS Percentile: 0th

A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required TACACS+ shared secret is configured. A machine-in-the-middle attacker could exploit this vulnerability by intercepting and reading unencrypted TACACS+ messages or impersonating the TACACS+ server and falsely accepting arbitrary authentication requests. A successful exploit could allow the attacker to view sensitive information in a TACACS+ message or bypass authentication and gain access to the affected device.

CWE: CWE-287
Vendor: cisco
Product: ios
Ecosystems:
Industries: Technology, Mobile, Networking, Telecommunications
Published: Sep 24, 2025
Last Updated: Feb 26, 2026

CVSS v3 Breakdown

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Affected Versions

Cisco / IOS
15.2(6)E1 15.2(4)E6 15.2(6)E2 15.2(4)E7 15.2(7)E 15.2(4)E8 15.2(6)E2a 15.2(6)E2b 15.2(7)E1 15.2(7)E0a 15.2(7)E0b 15.2(7)E0s 15.2(6)E3 15.2(4)E9 15.2(7)E2 15.2(7a)E0b 15.2(4)E10 15.2(7)E3 15.2(7)E1a 15.2(7b)E0b 15.2(7)E2a 15.2(4)E10a 15.2(7)E4 15.2(7)E3k 15.2(8)E 15.2(8)E1 15.2(7)E5 15.2(7)E6 15.2(8)E2 15.2(4)E10d 15.2(7)E7 15.2(8)E3 15.2(7)E8 15.2(8)E4 15.2(7)E9 15.2(8)E5 15.2(8)E6 15.2(7)E10 15.2(7)E11 15.2(8)E7 15.2(7)E12 15.5(3)S8 15.5(3)S9 15.5(3)S10 15.5(3)S9a 15.2(6)EB 15.5(3)M7 15.5(3)M8 15.5(3)M9 15.5(3)M10 15.6(2)SP5 15.6(2)SP6 15.6(2)SP7 15.6(2)SP8 15.6(2)SP9 15.6(3)M4 15.6(3)M5 15.6(3)M6 15.6(3)M7 15.6(3)M6a 15.6(3)M6b 15.6(3)M8 15.6(3)M9 15.5(1)SY2 15.5(1)SY3 15.5(1)SY4 15.5(1)SY5 15.5(1)SY6 15.5(1)SY7 15.5(1)SY8 15.5(1)SY9 15.5(1)SY10 15.5(1)SY11 15.5(1)SY12 15.5(1)SY13 15.5(1)SY14 15.5(1)SY15 15.7(3)M3 15.7(3)M2 15.7(3)M4 15.7(3)M5 15.7(3)M4a 15.7(3)M4b 15.7(3)M6 15.7(3)M7 15.7(3)M8 15.7(3)M9 15.8(3)M 15.8(3)M1 15.8(3)M0a 15.8(3)M0b 15.8(3)M2 15.8(3)M1a 15.8(3)M3 15.8(3)M2a 15.8(3)M4 15.8(3)M3a 15.8(3)M3b 15.8(3)M5 15.8(3)M6 15.8(3)M7 15.8(3)M8 15.8(3)M9 15.9(3)M 15.9(3)M1 15.9(3)M0a 15.9(3)M2 15.9(3)M3 15.9(3)M2a 15.9(3)M3a 15.9(3)M4 15.9(3)M3b 15.9(3)M5 15.9(3)M4a 15.9(3)M6 15.9(3)M7 15.9(3)M6a 15.9(3)M6b 15.9(3)M8 15.9(3)M7a 15.9(3)M9 15.9(3)M8b 15.9(3)M10 15.9(3)M11
Cisco / Cisco IOS XE Software
3.16.8S 3.16.9S 3.16.10S 3.8.6E 3.8.7E 3.8.8E 3.8.9E 3.8.10E 3.18.5SP 3.18.6SP 3.18.7SP 3.18.8aSP 3.18.9SP 16.6.5 16.6.5a 16.6.6 16.6.7 16.6.8 16.6.9 16.6.10 16.8.1 16.8.1a 16.8.1b 16.8.1s 16.8.1c 16.8.1d 16.8.2 16.8.1e 16.8.3 16.9.1 16.9.2 16.9.1a 16.9.1b 16.9.1s 16.9.3 16.9.4 16.9.3a 16.9.5 16.9.5f 16.9.6 16.9.7 16.9.8 16.10.1 16.10.1a 16.10.1b 16.10.1s 16.10.1c 16.10.1e 16.10.1d 16.10.2 16.10.1f 16.10.1g 16.10.3 3.10.1E 3.10.2E 3.10.3E 16.11.1 16.11.1a 16.11.1b 16.11.2 16.11.1s 16.12.1 16.12.1s 16.12.1a 16.12.1c 16.12.1w 16.12.2 16.12.1y 16.12.2a 16.12.3 16.12.8 16.12.2s 16.12.1x 16.12.1t 16.12.4 16.12.3s 16.12.3a 16.12.4a 16.12.5 16.12.6 16.12.1z1 16.12.5a 16.12.5b 16.12.1z2 16.12.6a 16.12.7 16.12.9 16.12.10 16.12.10a 16.12.11 16.12.12 16.12.13 3.11.0E 3.11.1E 3.11.2E 3.11.3E 3.11.1aE 3.11.4E 3.11.3aE 3.11.5E 3.11.6E 3.11.7E 3.11.8E 3.11.9E 3.11.10E 3.11.11E 3.11.12E 17.1.1 17.1.1a 17.1.1s 17.1.1t 17.1.3 17.2.1 17.2.1r 17.2.1a 17.2.1v 17.2.2 17.2.3 17.3.1 17.3.2 17.3.3 17.3.1a 17.3.1w 17.3.2a 17.3.1x 17.3.1z 17.3.4 17.3.5 17.3.4a 17.3.6 17.3.4b 17.3.4c 17.3.5a 17.3.5b 17.3.7 17.3.8 17.3.8a 17.4.1 17.4.2 17.4.1a 17.4.1b 17.4.2a 17.5.1 17.5.1a 17.6.1 17.6.2 17.6.1w 17.6.1a 17.6.1x 17.6.3 17.6.1y 17.6.1z 17.6.3a 17.6.4 17.6.1z1 17.6.5 17.6.6 17.6.6a 17.6.5a 17.6.7 17.6.8 17.6.8a 17.7.1 17.7.1a 17.7.1b 17.7.2 17.10.1 17.10.1a 17.10.1b 17.8.1 17.8.1a 17.9.1 17.9.1w 17.9.2 17.9.1a 17.9.1x 17.9.1y 17.9.3 17.9.2a 17.9.1x1 17.9.3a 17.9.4 17.9.1y1 17.9.5 17.9.4a 17.9.5a 17.9.5b 17.9.6 17.9.6a 17.9.7 17.9.5e 17.9.5f 17.9.7a 17.9.7b 17.11.1 17.11.1a 17.12.1 17.12.1w 17.12.1a 17.12.1x 17.12.2 17.12.3 17.12.2a 17.12.1y 17.12.1z 17.12.4 17.12.3a 17.12.1z1 17.12.1z2 17.12.4a 17.12.5 17.12.4b 17.12.1z3 17.12.5a 17.12.1z4 17.12.5b 17.12.5c 17.13.1 17.13.1a 17.14.1 17.14.1a 17.11.99SW 17.15.1 17.15.1w 17.15.1a 17.15.2 17.15.1b 17.15.1x 17.15.3 17.15.2c 17.15.2a 17.15.1y 17.15.2b 17.15.3a 17.15.3b

References

sec.cloudapps.cisco.com: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-tacacs-hdB7thJw