wid-sec-w-2026-0706 · Published 2026-03-11 · View on BSI CERT-Bund ↗

Cisco IOS XR: Multiple Vulnerabilities

CVSS 8.8 HIGH

Risk Summary

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to elevate privileges and gain full administrative control of an affected device. This vulnerability is due to incorrect mapping of a command to task groups within the source code. An attacker with a low-privileged account could exploit this vulnerability by using the CLI command to bypass the task group–based checks. A successful exploit could allow the attacker to elevate privileges and perform actions on an affected device without authorization checks.

CVEs (4)

CVE-2026-20046 CVE-2026-20074 CVE-2026-20118 CVE-2026-20040

Affected Vendors

Cisco

Affected Products (8)

Cisco · IOS XR <25.2.21

Cisco · IOS XR 25.2.21

Cisco · IOS XR <25.4.2

Cisco · IOS XR 25.4.2

Cisco · IOS XR <25.2.2

Cisco · IOS XR 25.2.2

Cisco · IOS XR <25.3.1

Cisco · IOS XR 25.3.1

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more