A critical weakness in Cisco’s IOS and IOS XE platforms allows an unauthenticated adversary to bypass TACACS+ authentication, potentially granting full administrative control of affected routers and switches. Tracked as CVE-2025-20160 and carrying a CVSS 3.1 score of 8.1, the flaw stems from improper validation of the TACACS+ shared secret configuration. Cisco has not observed […]