CVE-2025-20161

26.02.2025, 17:15

A vulnerability in the software upgrade process of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker with valid Administrator credentials to execute a command injection attack on the underlying operating system of an affected device.

This vulnerability is due to insufficient validation of specific elements within a software image. An attacker could exploit this vulnerability by installing a crafted image. A successful exploit could allow the attacker to execute arbitrary commands on the underlying operating system with root privileges. 
Note: Administrators should validate the hash of any software image before installation.

OS Command Injection

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	5.1 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
cisco	CNA	5.1 MEDIUM	LOCAL	LOW	HIGH	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:N
CISA-ADP	ADP	---				---

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 31%

Common Weakness Enumeration

CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
The software constructs all or part of an OS command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when it is sent to a downstream component.

References

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ici-dpOjbWxk