CVE-2025-20160
Published: Sep 24, 2025
Modified: Feb 26, 2026
CVSS v3.1
8.1
Description
A vulnerability in the implementation of the TACACS+ protocol in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to view sensitive data or bypass authentication. This vulnerability exists because the system does not properly check whether the required TACACS+ shared secret is configured. A machine-in-the-middle attacker could exploit this vulnerability by intercepting and reading unencrypted TACACS+ messages or impersonating the TACACS+ server and falsely accepting arbitrary authentication requests. A successful exploit could allow the attacker to view sensitive information in a TACACS+ message or bypass authentication and gain access to the affected device.
| Vendor | Product | Versions |
|---|---|---|
| Cisco | IOS | affected: 15.2(6)E1, 15.2(4)E6, 15.2(6)E2, 15.2(4)E7, 15.2(7)E, +119 more versions |
| Cisco | Cisco IOS XE Software | affected: 3.16.8S, 3.16.9S, 3.16.10S, 3.8.6E, 3.8.7E, +230 more versions |
Weaknesses (CWE)
CVSS v3.1 Details
CVSS v3.1 Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

| Metric | Value |
|---|---|
| Attack Vector | Network (AV:N) |
| Attack Complexity | High (AC:H) |
| Privileges Required | None (PR:N) |
| User Interaction | None (UI:N) |
| Scope | Unchanged (S:U) |
| Confidentiality | High (C:H) |
| Integrity | High (I:H) |
| Availability | High (A:H) |
References