<ul><li>Cisco has addressed a denial of service (DoS) vulnerability that allows attackers to crash the Border Gateway Protocol (BGP) process on IOS XR routers.</li><li>The vulnerability, tracked as CVE-2025-20115, can be exploited by sending a single BGP update message to the router.</li><li>The flaw allows for memory corruption and DoS, requiring attacker control of a BGP confederation speaker or an AS_CONFED_SEQUENCE attribute reaching 255 AS numbers.</li><li>The workaround involves limiting AS_CONFED_SEQUENCE to 254 or fewer AS numbers to reduce the risk of attacks if patches can't be applied.</li></ul>

Cisco IOS XR flaw allows attackers to crash BGP process on routers

Discover more