topic Re: How to fix vulnerability CVE 2025-20197 thru 20201 in Network Security

How to fix vulnerability CVE 2025-20197 thru 20201

Zee-Far-Man — Wed, 28 May 2025 17:12:54 GMT

Hello Pros.

How to fix vulnerability CVE 2025-20197 thru 20201 on Cisco 4300 Router and 9200 Switches. What IOS XE version will fix the vulnerabilities for a 4300 router and a 2900 switch.

Thanks in advances.

Re: How to fix vulnerability CVE 2025-20197 thru 20201

Rob Ingram — Wed, 28 May 2025 17:17:26 GMT

@Zee-Far-Man have you seen this? https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp check to see if your versions are affected, if so upgrade to the recommended version. There are no workarounds.

Re: How to fix vulnerability CVE 2025-20197 thru 20201

Zee-Far-Man — Wed, 28 May 2025 17:37:03 GMT

I can not find the recommended IOS, every time I click on Advisory it opens the same page. There is not IOS version specified.

Thanks.

Re: How to fix vulnerability CVE 2025-20197 thru 20201

Rob Ingram — Wed, 28 May 2025 17:41:05 GMT

@Zee-Far-Man enter the correct version release number, i.e. 17.3.3 then click Check.

It opens another page and displays this page. It looks like 17.9.7 is the first fixed version.

Re: How to fix vulnerability CVE 2025-20197 thru 20201

Zee-Far-Man — Wed, 28 May 2025 18:54:11 GMT

Thanks for your assistance.

I am still searching for 4300 Router.

Thanks

Re: How to fix vulnerability CVE 2025-20197 thru 20201

Jens Albrecht — Wed, 28 May 2025 20:02:04 GMT

Exactly same way to check and same result.

17.9.7 and 17.12.5 are the first fixed versions available.

Re: How to fix vulnerability CVE 2025-20197 thru 20201

Zee-Far-Man — Thu, 29 May 2025 12:42:11 GMT

Jens,

I really appreciate your timely response and assistance.

Thanks.