Solved: How to fix vulnerability CVE 2025-20197 thru 20201

Zee-Far-Man · ‎05-28-2025

Hello Pros.

How to fix vulnerability CVE 2025-20197 thru 20201 on Cisco 4300 Router and 9200 Switches. What IOS XE version will fix the vulnerabilities for a 4300 router and a 2900 switch.

Thanks in advances.

Zee-Far-Man · ‎05-29-2025

Jens,

I really appreciate your timely response and assistance.

Thanks.

View solution in original post

Rob Ingram · ‎05-28-2025

@Zee-Far-Man have you seen this? https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-privesc-su7scvdp check to see if your versions are affected, if so upgrade to the recommended version. There are no workarounds.

Zee-Far-Man · ‎05-28-2025

I can not find the recommended IOS, every time I click on Advisory it opens the same page. There is not IOS version specified.

Thanks.

Rob Ingram · ‎05-28-2025

@Zee-Far-Man enter the correct version release number, i.e. 17.3.3 then click Check.

It opens another page and displays this page. It looks like 17.9.7 is the first fixed version.

Zee-Far-Man · ‎05-28-2025

Thanks for your assistance.

I am still searching for 4300 Router.

Thanks

Jens Albrecht · ‎05-28-2025

Exactly same way to check and same result.

17.9.7 and 17.12.5 are the first fixed versions available.

Zee-Far-Man · ‎05-29-2025

Jens,

I really appreciate your timely response and assistance.

Thanks.