CVE-2025-20118

4.4 MEDIUM

📋 TL;DR

This vulnerability in Cisco APIC allows authenticated local administrators to access sensitive information through insufficiently masked CLI command output. An attacker who already holds valid administrative credentials can exploit it by performing reconnaissance at the device CLI to obtain information that could facilitate further attacks.

💻 Affected Systems

Products:
  • Cisco Application Policy Infrastructure Controller (APIC)
Versions: Specific versions not detailed in advisory; check Cisco advisory for exact affected versions
Operating Systems: Cisco APIC OS
Default Config Vulnerable: ⚠️ Yes
Notes: Requires administrative credentials for exploitation; affects systems where CLI access is available to authenticated users.

⚠️ Risk & Real-World Impact

🔴 Worst Case: Administrator credentials are compromised, leading to full system compromise, data exfiltration, and lateral movement within the network infrastructure.

🟠 Likely Case: A privileged attacker obtains sensitive configuration data or credentials that could be used for targeted attacks against the APIC or connected systems.

🟢 If Mitigated: Limited exposure of non-critical information with minimal operational impact, due to restricted administrative access and monitoring.

🌐 Internet-Facing: LOW - This requires local CLI access with administrative credentials, making internet-facing exploitation unlikely.
🏢 Internal Only: MEDIUM - Internal attackers with administrative access could exploit this, but credential requirements limit the attack surface.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires administrative credentials and CLI access; it consists of running reconnaissance commands at the command line interface and reading the insufficiently masked output.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Cisco advisory for specific fixed versions

Vendor Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-multi-vulns-9ummtg5

Restart Required: Yes

Instructions:

1. Review the Cisco advisory for affected versions.
2. Download and apply the recommended software update.
3. Restart affected APIC devices as required.
4. Verify the update was successful.

🔧 Temporary Workarounds

Restrict CLI Access (applies to: all)

Limit administrative CLI access to trusted personnel only and implement strict access controls.

Enhanced Monitoring (applies to: all)

Implement comprehensive logging and monitoring of CLI sessions to detect suspicious reconnaissance activity.

🧯 If You Can't Patch

  • Implement strict principle of least privilege for administrative accounts and regularly rotate credentials.
  • Deploy network segmentation to isolate APIC management interfaces from general user networks.

🔍 How to Verify

Check if Vulnerable:

Check the APIC software version against the Cisco advisory; if the device is running an affected version and CLI access is available, the system is vulnerable.

Check Version:

show version

Verify Fix Applied:

Verify that the APIC software version has been updated to a version the advisory does not list as vulnerable.

📡 Detection & Monitoring

Log Indicators:

  • Unusual CLI command patterns from administrative accounts
  • Multiple failed authentication attempts followed by successful login and CLI access

Network Indicators:

  • Unusual SSH or console connections to APIC management interfaces

SIEM Query:

source="apic_logs" AND ((event_type="cli_command" AND command="*sensitive*") OR (user="admin" AND activity="reconnaissance"))
