Cisco disclosed two high-severity vulnerabilities in IOS XR Software affecting enterprise and service provider routers. Both flaws require authenticated local access but allow an attacker to escalate privileges to root on the underlying operating system, granting complete device control. Organizations running IOS XR in core routing infrastructure should treat patching as a priority, as successful exploitation could cause sustained network disruption or enable persistent footholds in high-availability environments.