Security News > 2022 > May > Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild

Cisco on Friday rolled out fixes for a medium-severity vulnerability affecting IOS XR Software that it said has been exploited in real-world attacks.
Tracked as CVE-2022-20821, the issue relates to an open port vulnerability that could be abused by an unauthenticated, remote attacker to connect to a Redis instance and achieve code execution.
"A successful exploit could allow the attacker to write to the Redis in-memory database, write arbitrary files to the container filesystem, and retrieve information about the Redis database," Cisco said in an advisory.
"Given the configuration of the sandboxed container that the Redis instance runs in, a remote attacker would be unable to execute remote code or abuse the integrity of the Cisco IOS XR Software host system."
The flaw, which it said was identified during the resolution of a technical assistance center case, impacts Cisco 8000 Series routers running IOS XR Software that has the health check RPM installed and active.
"Cisco strongly recommends that customers apply suitable workarounds or upgrade to a fixed software release to remediate this vulnerability," it added.
News URL
https://thehackernews.com/2022/05/cisco-issues-patches-for-new-ios-xr.html
Related news
- Still Using an Older Version of iOS or iPadOS? Update Now to Patch These Critical Security Vulnerabilities (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- PipeMagic Trojan Exploits Windows Zero-Day Vulnerability to Deploy Ransomware (source)
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- ⚡ Weekly Recap: iOS Zero-Days, 4Chan Breach, NTLM Exploits, WhatsApp Spyware & More (source)
- Emergency patch for potential SAP zero-day that could grant full system control (source)
- Cisco Patches CVE-2025-20188 (10.0 CVSS) in IOS XE That Enables Root Exploits via JWT (source)
- Cisco fixes max severity IOS XE flaw letting attackers hijack devices (source)
- Microsoft May 2025 Patch Tuesday fixes 5 exploited zero-days, 72 flaws (source)
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-05-26 | CVE-2022-20821 | Unspecified vulnerability in Cisco IOS XR A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. | 6.5 |