What is CVE-2025-20196?

CVE-2025-20196 is a medium-severity vulnerability in Cisco 807_industrial_integrated_services_router, classified under Improper Restriction of Excessive Authentication Attempts. CVSS score: 5.3/10. Published 2025-05-07.

How severe is CVE-2025-20196?

Medium severity. CVSS v3 base score is 5.3 out of 10.

Vulnerability in Cisco 807_industrial_integrated_services_router

CVE-2025-20196

A vulnerability in the Cisco IOx application hosting environment of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the Cisco IOx application hosting environment to stop responding, res…

EPSS: 0.004 (27.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 5.3 (Medium). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L.

Affected products

Weakness classification (CWE)

CWE-307 — Improper Restriction of Excessive Authentication Attempts

References

psirt@cisco.com (Vendor Advisory)

Frequently asked questions

What is CVE-2025-20196?: CVE-2025-20196 is a medium-severity vulnerability in Cisco 807_industrial_integrated_services_router, classified under Improper Restriction of Excessive Authentication Attempts. CVSS score: 5.3/10. Published 2025-05-07.
How severe is CVE-2025-20196?: Medium severity. CVSS v3 base score is 5.3 out of 10.