Cisco IOS XE Software Bootstrap Arbitrary File Write Vulnerability

Vulnerability

A vulnerability exists in the bootstrap loading process of Cisco IOS XE Software that could allow an authenticated, local attacker to write arbitrary files to the system. The issue is caused by insufficient input validation of the bootstrap file, which the device reads when it is deployed in SD-WAN mode or configured with SD-Routing. Exploitation involves modifying a bootstrap file generated by Cisco Catalyst SD-WAN Manager, uploading it to the device's flash memory, and then either rebooting the device in a greenfield deployment or configuring it with SD-Routing. A successful exploit could allow the attacker to write arbitrary files to the underlying operating system.

Impact

Exploitation of this vulnerability could result in unauthorized arbitrary file writes to the underlying operating system, potentially leading to further exploitation or system compromise.

Remediation

Cisco has released software updates to address this vulnerability. For guidance on determining exposure and upgrading, consult the Cisco IOS and IOS XE Software Security Advisory Bundled Publication from May 2025.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread:         8.1
impact:         6.7
exploitability: 3.5
remediation:    7.7
relevance:      0.0
threat:         0.0
urgency:        2.9
incentive:      1.7

Our algorithm analyzes dozens of metrics to produce these eight key vulnerability categories, which are then combined to calculate the overall risk score.