The Digital Security Authority (DSA) wants to bring to your attention a vulnerability affecting CISCO IOS XE Wireless Controller.
Technical Details
CISCO has released software patches addressing a severe vulnerability with a CVSS score of 10.0, the highest possible score.
CVE-2025-20188 concerns IOS XE Wireless Controller software.
The vulnerability allows unauthenticated remote attackers to obtain full root access.
It is caused by a hardcoded JSON Web Token that can be exploited via crafted HTTPS requests to the Access Point image download interface. Attackers can then upload files, perform path traversal, and execute arbitrary commands with full root privileges.
Affected Products:
This serious vulnerability only affects systems with the Out-of-Band AP Image Download feature turned on.
Recommendations
The Digital Security Authority recommends disabling the Out-of-Band AP Image Download feature. This feature is disabled by default, but if administrators have enabled it, the systems are at high risk.
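As an added example (not part of this advisory), the following script audits controller running configurations for the Out-of-Band AP Image Download feature so that exposed devices can be found quickly. It assumes the feature is enabled by the configuration line "ap upgrade method https" (an assumption to confirm against Cisco documentation); the controller names and config excerpts are constructed sample data.

```python
import re
from typing import Dict

# Constructed sample data: excerpts of `show running-config` from two controllers.
# ASSUMPTION: the line `ap upgrade method https` is the command that enables
# Out-of-Band AP Image Download. Confirm against Cisco documentation before use.
SAMPLE_CONFIGS = {
    "wlc-branch-01": """\
hostname wlc-branch-01
!
ap upgrade method https
ap upgrade staggered 25
!
""",
    "wlc-hq-01": """\
hostname wlc-hq-01
!
ap upgrade staggered 25
!
""",
}

# Tolerate extra whitespace and case differences in the captured config text.
FEATURE_LINE = re.compile(r"^\s*ap\s+upgrade\s+method\s+https\b", re.IGNORECASE)


def oob_image_download_enabled(running_config: str) -> bool:
    """Return True if the config contains the line that enables
    Out-of-Band AP Image Download. Comment lines starting with '!' are ignored."""
    for line in running_config.splitlines():
        if line.lstrip().startswith("!"):
            continue
        if FEATURE_LINE.match(line):
            return True
    return False


def audit(configs: Dict[str, str]) -> Dict[str, str]:
    """Map each controller name to 'FEATURE ENABLED' (exposed if unpatched) or 'OK'."""
    return {
        name: ("FEATURE ENABLED" if oob_image_download_enabled(cfg) else "OK")
        for name, cfg in configs.items()
    }


if __name__ == "__main__":
    for name, status in audit(SAMPLE_CONFIGS).items():
        print(f"{name}: {status}")
```

Controllers reported as FEATURE ENABLED should have the feature disabled or the Cisco patches applied.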
References
The information presented in this report is based on available data up to the 9th of May 2025.