Cisco Event Response Page

Cisco Event Response: August 2025 Semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication

Doc ID:

ERP-75667

First Published:

2025 August 27 16:00 GMT

Version:

1.0

Summary

Cisco released its semiannual Cisco FXOS and NX-OS Software Security Advisory Bundled Publication on August 27, 2025. In direct response to customer feedback, Cisco releases bundles of Cisco FXOS and NX-OS Software Security Advisories on the fourth Wednesday of the month in February and August of each calendar year.

The August 2025 release of the Cisco FXOS and NX-OS Software Security Advisory Bundled Publication includes 6 Cisco Security Advisories that describe 7 vulnerabilities in Cisco NX-OS Software and UCS Software. Cisco has released software updates that address these vulnerabilities.

Details

The following table identifies Cisco Security content that is associated with this bundled publication:

Cisco Security Advisory	CVE ID	Security Impact Rating	CVSS Base Score	Affected Software	Affected Hardware Platforms
Cisco Nexus 3000 and 9000 Series Switches Intermediate System-to-Intermediate System Denial of Service Vulnerability	CVE-2025-20241	High	7.4	NX-OS Software	Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches
Cisco UCS Manager Software Command Injection Vulnerabilities	CVE-2025-20294 CVE-2025-20295	Medium	6.5	UCS Software (Managed)	Cisco UCS 6300 Series Fabric Interconnects, Cisco UCS 6400 Series Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects
Cisco NX-OS Software Sensitive Log Information Disclosure Vulnerability	CVE-2025-20290	Medium	5.5	NX-OS Software, UCS Software (Managed)	Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches, Cisco UCS 6400 Series Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects
Cisco UCS Manager Software Stored Cross-Site Scripting Vulnerability	CVE-2025-20296	Medium	5.4	UCS Software (Managed)	Cisco UCS 6300 Series Fabric Interconnects, Cisco UCS 6400 Series Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects
Cisco Nexus 3000 and 9000 Series Switches Protocol Independent Multicast Version 6 Denial of Service Vulnerability	CVE-2025-20262	Medium	5	NX-OS Software	Cisco Nexus 3000 Series Switches, Cisco Nexus 9000 Series Switches
Cisco NX-OS Software Command Injection Vulnerability	CVE-2025-20292	Medium	4.4	NX-OS Software, NX-OS Software in ACI Mode, UCS Software (Managed)	Cisco MDS 9000 Multilayer Directors and Fabric Switches, Cisco Nexus 1000V Series Switches, Cisco Nexus 3000 Series Switches, Cisco Nexus 5000 Series Switches, Cisco Nexus 6000 Series Switches, Cisco Nexus 7000 Series Switches, Cisco Nexus 9000 Series Switches, Cisco UCS 6400 Series Fabric Interconnects, Cisco UCS 6500 Series Fabric Interconnects

Related Resources

Cisco Security Vulnerability Policy
MITRE Common Vulnerabilities and Exposures
Common Vulnerability Scoring System and the Security Impact Rating
Common Vulnerability Scoring System Q & A