Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-20276

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-27 Mar, 2024 | 16:51
Updated At-01 Aug, 2024 | 21:52
Rejected At-
Credits

A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of process-switched traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:27 Mar, 2024 | 16:51
Updated At:01 Aug, 2024 | 21:52
Rejected At:
▼CVE Numbering Authority (CNA)

A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of process-switched traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
IOS
Versions
Affected
  • 15.5(1)SY5
  • 15.5(1)SY6
  • 15.5(1)SY7
  • 15.5(1)SY8
  • 15.5(1)SY9
  • 15.5(1)SY10
  • 15.5(1)SY11
Problem Types
TypeCWE IDDescription
cweCWE-248Uncaught Exception
Type: cwe
CWE ID: CWE-248
Description: Uncaught Exception
Metrics
VersionBase scoreBase severityVector
3.17.4HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Version: 3.1
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dos-Hq4d3tZG
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dos-Hq4d3tZG
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dos-Hq4d3tZG
x_transferred
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dos-Hq4d3tZG
Resource:
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@cisco.com
Published At:27 Mar, 2024 | 17:15
Updated At:05 Aug, 2025 | 14:44

A vulnerability in Cisco IOS Software for Cisco Catalyst 6000 Series Switches could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly. This vulnerability is due to improper handling of process-switched traffic. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.4HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CPE Matches
Cisco Systems, Inc.
cisco
>>ios>>15.5\(1\)sy5
cpe:2.3:o:cisco:ios:15.5\(1\)sy5:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>15.5\(1\)sy6
cpe:2.3:o:cisco:ios:15.5\(1\)sy6:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>15.5\(1\)sy7
cpe:2.3:o:cisco:ios:15.5\(1\)sy7:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>15.5\(1\)sy8
cpe:2.3:o:cisco:ios:15.5\(1\)sy8:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>15.5\(1\)sy9
cpe:2.3:o:cisco:ios:15.5\(1\)sy9:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>15.5\(1\)sy10
cpe:2.3:o:cisco:ios:15.5\(1\)sy10:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>ios>>15.5\(1\)sy11
cpe:2.3:o:cisco:ios:15.5\(1\)sy11:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_6503-e>>-
cpe:2.3:h:cisco:catalyst_6503-e:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_6504-e>>-
cpe:2.3:h:cisco:catalyst_6504-e:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_6506-e>>-
cpe:2.3:h:cisco:catalyst_6506-e:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_6509-e>>-
cpe:2.3:h:cisco:catalyst_6509-e:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_6509-v-e>>-
cpe:2.3:h:cisco:catalyst_6509-v-e:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_6513-e>>-
cpe:2.3:h:cisco:catalyst_6513-e:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_6807-xl>>-
cpe:2.3:h:cisco:catalyst_6807-xl:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_c6800-sup6t>>-
cpe:2.3:h:cisco:catalyst_c6800-sup6t:-:*:*:*:*:*:*:*
Cisco Systems, Inc.
cisco
>>catalyst_c6800-sup6t-xl>>-
cpe:2.3:h:cisco:catalyst_c6800-sup6t-xl:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-248Secondarypsirt@cisco.com
CWE ID: CWE-248
Type: Secondary
Source: psirt@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dos-Hq4d3tZGpsirt@cisco.com
Vendor Advisory
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dos-Hq4d3tZGaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dos-Hq4d3tZG
Source: psirt@cisco.com
Resource:
Vendor Advisory
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-dos-Hq4d3tZG
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

73Records found
CVE-2020-3409
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.10% / 27.75%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 18:01
Updated-13 Nov, 2024 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability

A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. The vulnerability is due to insufficient processing logic for crafted PROFINET packets that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted PROFINET packets to an affected device for processing. A successful exploit could allow the attacker to cause the device to crash and reload, resulting in a DoS condition on the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-iem-3400-8tie-4000-8t4g-eie-3300-8p2s-eie-4000-16t4g-eiem-3300-8sie-3400-8t2s-eie-3300-8t2x-eiosie-4000-8s4g-eie-3400-8p2s-aiem-3300-8tiem-3300-16pie-4000-8gt8gp4g-eiem-3300-14t2siem-3300-8pie-4000-8gt4g-eie-3300-8p2s-aie-4000-4gs8gp4g-eie-4000-4tc4g-eie-4000-4gc4gp4g-eiem-3400-8piem-3300-16tie-3300-8t2s-eiem-3300-6t2sie-3200-8t2s-eie-4000-4s8p4g-eie-3200-8p2s-eios_xeie-4000-8gs4g-eie-3400-8p2s-eie-4000-16gt4g-eiem-3400-8sie-3300-8t2s-aie-3300-8t2x-aie-4000-4t4p4g-eCisco IOS
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2020-3489
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.10% / 27.75%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:52
Updated-13 Nov, 2024 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecatalyst_9800-lcatalyst_9800-l-ccatalyst_9800-40catalyst_9800-clcatalyst_9800-80catalyst_9800-l-fCisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2020-3493
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.10% / 27.75%
||
7 Day CHG~0.00%
Published-24 Sep, 2020 | 17:52
Updated-13 Nov, 2024 | 17:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecatalyst_9800-lcatalyst_9800-l-ccatalyst_9800-40catalyst_9800-clcatalyst_9800-80catalyst_9800-l-fCisco IOS XE Software
CWE ID-CWE-20
Improper Input Validation
CVE-2021-34767
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.10% / 27.62%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-30 Oct, 2025 | 21:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers IPv6 Denial of Service Vulnerability

A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a Layer 2 (L2) loop in a configured VLAN, resulting in a denial of service (DoS) condition for that VLAN. The vulnerability is due to a logic error when processing specific link-local IPv6 traffic. An attacker could exploit this vulnerability by sending a crafted IPv6 packet that would flow inbound through the wired interface of an affected device. A successful exploit could allow the attacker to cause traffic drops in the affected VLAN, thus triggering the DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_9800-l-cios_xecatalyst_9800-lcatalyst_9800_embedded_wireless_controllercatalyst_9800-80catalyst_9800-l-fcatalyst_9800-40catalyst_9800catalyst_9800-clCisco IOS XE Software
CWE ID-CWE-670
Always-Incorrect Control Flow Implementation
CVE-2024-20406
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.11% / 28.85%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:38
Updated-07 Oct, 2024 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Intermediate System-to-Intermediate System Denial of Service Vulnerability

A vulnerability in the segment routing feature for the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of ingress IS-IS packets. An attacker could exploit this vulnerability by sending specific IS-IS packets to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the IS-IS process on all affected devices that are participating in the Flexible Algorithm to crash and restart, resulting in a DoS condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and must have formed an adjacency. This vulnerability affects segment routing for IS-IS over IPv4 and IPv6 control planes as well as devices that are configured as level 1, level 2, or multi-level routing IS-IS type.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-20
Improper Input Validation
CVE-2024-20312
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.05% / 16.04%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 16:56
Updated-26 Aug, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device after forming an adjacency. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device and have formed an adjacency.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeiosCisco IOS XE SoftwareIOS
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-20303
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.06% / 18.40%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 17:00
Updated-31 Jul, 2025 | 16:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper management of mDNS client entries. An attacker could exploit this vulnerability by connecting to the wireless network and sending a continuous stream of specific mDNS packets. A successful exploit could allow the attacker to cause the wireless controller to have high CPU utilization, which could lead to access points (APs) losing their connection to the controller and result in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xecatalyst_9130axecatalyst_9800-40catalyst_9120axpcatalyst_cw9800h2catalyst_9800-80catalyst_9800-lcatalyst_cw9800mcatalyst_9130axicatalyst_9800-cl_wireless_controllers_for_cloudcatalyst_9115axicatalyst_9117axicatalyst_9120axecatalyst_9105axicatalyst_cw9800h1catalyst_9115axecatalyst_9120axiCisco IOS XE Software
CWE ID-CWE-459
Incomplete Cleanup
CVE-2024-20313
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.05% / 13.80%
||
7 Day CHG~0.00%
Published-24 Apr, 2024 | 20:42
Updated-09 Aug, 2024 | 18:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the OSPF version 2 (OSPFv2) feature of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of OSPF updates that are processed by a device. An attacker could exploit this vulnerability by sending a malformed OSPF update to the device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-20327
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.07% / 21.06%
||
7 Day CHG~0.00%
Published-13 Mar, 2024 | 16:40
Updated-06 May, 2025 | 17:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the ppp_ma process, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of malformed PPPoE packets that are received on a router that is running Broadband Network Gateway (BNG) functionality with PPPoE termination on a Lightspeed-based or Lightspeed-Plus-based line card. An attacker could exploit this vulnerability by sending a crafted PPPoE packet to an affected line card interface that does not terminate PPPoE. A successful exploit could allow the attacker to crash the ppp_ma process, resulting in a DoS condition for PPPoE traffic across the router.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_9006asr_9906asr_9904asr_9902asr_9001asr_9000v-v2asr_9010asr_9901asr_9922asr_9910asr_9912asr_9903ios_xrCisco IOS XR Software
CWE ID-CWE-20
Improper Input Validation
CVE-2024-20317
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.22% / 45.25%
||
7 Day CHG~0.00%
Published-11 Sep, 2024 | 16:38
Updated-03 Oct, 2024 | 17:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Layer 2 Services Denial of Service Vulnerability

A vulnerability in the handling of specific Ethernet frames by Cisco IOS XR Software for various Cisco Network Convergence System (NCS) platforms could allow an unauthenticated, adjacent attacker to cause critical priority packets to be dropped, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect classification of certain types of Ethernet frames that are received on an interface. An attacker could exploit this vulnerability by sending specific types of Ethernet frames to or through the affected device. A successful exploit could allow the attacker to cause control plane protocol relationships to fail, resulting in a DoS condition. For more information, see the section of this advisory. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrCisco IOS XR Software
CWE ID-CWE-684
Incorrect Provision of Specified Functionality
CVE-2024-20354
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-4.7||MEDIUM
EPSS-0.04% / 12.12%
||
7 Day CHG~0.00%
Published-27 Mar, 2024 | 16:47
Updated-13 Aug, 2025 | 17:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit this vulnerability by connecting as a wireless client to an affected AP and sending specific malformed frames over the wireless connection. A successful exploit could allow the attacker to cause degradation of service to other clients, which could potentially lead to a complete DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_1700iaironet_3700paironet_1530iap801aironet_3700eiw3700aironet_2700eaironet_2700iap803aironet_1552wuios_xewireless_lan_controller_softwareaironet_1552haironet_3700iap802aironet_1552saironet_1530eCisco Aironet Access Point SoftwareCisco Aironet Access Point Software (IOS XE Controller)
CWE ID-CWE-460
Improper Cleanup on Thrown Exception
CVE-2021-1308
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.10% / 26.58%
||
7 Day CHG~0.00%
Published-08 Apr, 2021 | 04:05
Updated-08 Nov, 2024 | 23:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Small Business RV Series Routers Link Layer Discovery Protocol Vulnerabilities

Multiple vulnerabilities exist in the Link Layer Discovery Protocol (LLDP) implementation for Cisco Small Business RV Series Routers. An unauthenticated, adjacent attacker could execute arbitrary code or cause an affected router to leak system memory or reload. A memory leak or device reload would cause a denial of service (DoS) condition on an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Note: LLDP is a Layer 2 protocol. To exploit these vulnerabilities, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-rv260_firmwarerv340_firmwarerv345prv345rv134w_firmwarerv160w_firmwarerv160_firmwarerv345p_firmwarerv260w_firmwarerv340w_firmwarerv132w_firmwarerv160wrv260rv260wrv340wrv132wrv260prv345_firmwarerv340rv260p_firmwarerv134wrv160Cisco Small Business RV Series Router Firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2021-1621
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.09% / 24.84%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:31
Updated-07 Nov, 2024 | 21:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Software Interface Queue Wedge Denial of Service Vulnerability

A vulnerability in the Layer 2 punt code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a queue wedge on an interface that receives specific Layer 2 frames, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of certain Layer 2 frames. An attacker could exploit this vulnerability by sending specific Layer 2 frames on the segment the router is connected to. A successful exploit could allow the attacker to cause a queue wedge on the interface, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-4451-x_integrated_services_routerasr_1001-x_r1160_integrated_services_routerasr_1002-hx1100_integrated_services_router1109-2p_integrated_services_routerasr_1001-hx_risrv4331_integrated_services_router4461_integrated_services_routerasr_1002-hx_rasr_1002-x_rasr_1000-xasr_10024000_integrated_services_router1000_integrated_services_router1109_integrated_services_routerasr_1004111x_integrated_services_router1120_integrated_services_routerasr_1006-x1111x_integrated_services_routerasr_10134321_integrated_services_routerasr_10231101-4p_integrated_services_router4431_integrated_services_routerasr_10011100-4p_integrated_services_routerasr_1000csr_1000vios_xe1100-4g\/6g_integrated_services_router4221_integrated_services_router1111x-8p_integrated_services_routerasr_10061100-8p_integrated_services_router1109-4p_integrated_services_routerasr_1001-x1101_integrated_services_routerasr_1001-hx4451_integrated_services_routerasr_1002-x4351_integrated_services_routerasr_1009-xCisco IOS XE Software
CWE ID-CWE-399
Not Available
CVE-2022-20919
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.90% / 75.70%
||
7 Day CHG~0.00%
Published-30 Sep, 2022 | 18:46
Updated-01 Nov, 2024 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software Common Industrial Protocol Request Denial of Service Vulnerability

A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asr_920-10sz-pdcatalyst_3850asr-920-12sz-im-ccasr_1023_routerasr_907catalyst_9500hasr-920-12cz-acatalyst_3850-16xs-scatalyst_3850-48pw-scatalyst_9300l-24t-4x-acatalyst_9300-48un-e4331_integrated_services_routerasr_90064461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-aasr_901s-3sg-f-dcatalyst_9124axiasr_920-12sz-imcatalyst_9300l-48t-4x-aasr_920-12sz-im_routercatalyst_8300catalyst_9115axicatalyst_8500-4qccatalyst_3850-48u-lcatalyst_9117axicatalyst_9800-80_wireless_controllerasr-920-4sz-acatalyst_8300-1n1s-6tcatalyst_9300l-24t-4g-easr-920-24sz-imasr_920-12cz-a_rcatalyst_3850-48xscatalyst_9800-clcatalyst_9300-48p-easr_9000_rsp440_router1131_integrated_services_routercatalyst_9300-48t-ecatalyst_9600xcatalyst_3850-24xu-easr_1002_fixed_routerasr1002-xcatalyst_9600catalyst_3850-48u-scatalyst_3850-16xs-ecatalyst_8510msrcatalyst_9200lasr-920-10sz-pdasr-920-4sz-dcatalyst_3850-24xuasr-920-12cz-dcatalyst_9300-48uxm-e1109_integrated_services_routercatalyst_9400catalyst_9100catalyst_3850-48t-l1100-4g_integrated_services_router1111x_integrated_services_routercatalyst_9600_supervisor_engine-1catalyst_9800-40catalyst_9300l-48p-4x-acatalyst_9800catalyst_9300-48u-aasr_902uasr_920-4sz-a_routercatalyst_9105axi1100-4p_integrated_services_routerasr-920-24tz-masr_903asr_9920asr_9906catalyst_ie3200_rugged_switchasr1000-mip100catalyst_3850-48t-e1101_integrated_services_routerasr_920-24tz-m_rasr_920-24sz-m_rasr_900_route_switch_processor_3_\(rsp3\)asr_9010catalyst_3850-12s-sasr_920-4sz-d_rcatalyst_3850-24u-s1100_integrated_services_routerasr_901-4c-ft-dcatalyst_9130_apcatalyst_9300l-24t-4x-ecatalyst_9800-40_wireless_controllerasr_1002-hx_rasr_920-10sz-pd_routercatalyst_9120axpasr_1006-xasr_920-12cz-acatalyst_9300l-24p-4g-aasr1002-x-rfasr_901-12c-ft-dcatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_3850-32xs-scatalyst_9500asr_9001asr_900_asr_901s-3sg-f-ahasr1002-hxasr1000-rp34221_integrated_services_routercatalyst_3850-48f-lcatalyst_3850-24xu-lcatalyst_ie3400_heavy_duty_switchcatalyst_3850-24s-scatalyst_9300-48s-easr1002-x-wsasr_1002-xasr_920-12cz-d_rcatalyst_9300lcatalyst_9115_apcatalyst_ie3400_rugged_switch4451-x_integrated_services_routercatalyst_3850-48p-scatalyst_ie9300catalyst_8510csrcatalyst_9120axeasr_1002-hx1109-2p_integrated_services_routercatalyst_9200cxasr_920-10sz-pd_rcatalyst_8200asr_1000-esp100catalyst_9300-48t-acatalyst_9117catalyst_3850-12s-ecatalyst_8500asr_920u-12sz-imcatalyst_3850-24t-ecatalyst_9130axiasr_920-24sz-m_routerasr1001-x-rfasr_900asr_901-6cz-ft-a4321_integrated_services_routercatalyst_3850-24xs-scatalyst_8300-1n1s-4t2xcatalyst_ie3300_rugged_switchasr1001-x-wscatalyst_3850-48p-lcatalyst_8300-2n2s-4t2xasr_920-12sz-im_r1100-8p_integrated_services_routercatalyst_9410rcatalyst_3850-nm-8-10gasr_901-12c-f-dcatalyst_3850-12xs-easr_5700asr_901s-2sg-f-ahcatalyst_8540csrcatalyst_3850-32xs-e1100-6g_integrated_services_routercatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9105axwcatalyst_9300l-48t-4g-easr_914catalyst_3850-24p-scatalyst_3850-24ucatalyst_9300l_stackasr_920-12cz-dasr_1000-xasr1000-6tgecatalyst_9300l-24p-4g-easr_900_route_switch_processor_2_\(rsp2\)asr_920-4sz-dasr_920-4sz-d_routercatalyst_9120_apcatalyst_9800-lasr_1013catalyst_8540msrasr_920-24sz-imasr_5500asr-920-12sz-dcatalyst_3850-nm-2-40gcatalyst_9300lmcatalyst_9300-24t-easr_9000vasr1001-hxcatalyst_3850-48t-sasr-920-24sz-mcatalyst_9407rcatalyst_3850-24pw-scatalyst_3850-24t-scatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9800_embedded_wireless_controllercatalyst_9200asr-920-20sz-mcatalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_9300l-48t-4g-aasr_920-24sz-masr_920-24sz-im_routerasr_920-4sz-aasr-9901-rpcatalyst_ie3200catalyst_3850-48p-ecatalyst_9800-80catalyst_8300-2n2s-6tasr_920-4sz-a_rcatalyst_9300l-48p-4x-easr-920-24tz-imcatalyst_9130asr_901-6cz-ft-dasr_901-6cz-f-dasr_9000asr_5000catalyst_8500lcatalyst_9300-24s-ecatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_9300-48s-acatalyst_9120axiasr-920-12sz-acatalyst_9115axecatalyst_3850-24p-easr_1006catalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-acatalyst_9300asr_920-24sz-im_rasr1002-hx-wsasr_920-12cz-d_routercatalyst_3850-24xu-s4451_integrated_services_routercatalyst_9105asr_9901catalyst_3850-24xs-ecatalyst_9400_supervisor_engine-1asr1001-hx-rfcatalyst_ie3400catalyst_3850-24u-lcatalyst_9300l-24t-4g-acatalyst_3850-48f-sasr_901-4c-f-dcatalyst_9130axeasr_1001-hx_rcatalyst_9800-l-casr1000-2t\+20x1gecatalyst_3850-48f-e1000_integrated_services_routercatalyst_9300-48uxm-aasr_1023catalyst_9300-24p-aasr_1001asr_920-12cz-a_routercatalyst_3850-48xs-easr1000-esp200asr_9904catalyst_9300-24u-acatalyst_9117_apcatalyst_3850-48uasr_1001-hxcatalyst_ie3300asr_1009-xcatalyst_9300-24u-easr_901-6cz-f-acatalyst_9124asr1002-hx-rfcatalyst_3850-12x48ucatalyst_9300xcatalyst_9300-48un-aasr_1001-x_rasr-920-12sz-imasr_901-6cz-fs-dcatalyst_9300-24p-easr_1002-x_rasr_901s-4sg-f-dasr1001-xcatalyst_3850-48xs-f-easr_1002catalyst_9800-l-fasr_902asr_1004catalyst_9300l-48t-4x-ecatalyst_3850-24p-lcatalyst_91151120_integrated_services_routercatalyst_3850-24xsasr_9903catalyst_91204431_integrated_services_routerasr_901-6cz-fs-acatalyst_9124axdasr_920-24tz-m_routercatalyst_3850-24u-ecatalyst_3850-48xs-sios_xe1111x-8p_integrated_services_routerasr_9910asr_9912asr_99221109-4p_integrated_services_routerasr_1001-xasr_901s-2sg-f-dcatalyst_9300-24ux-e4351_integrated_services_routerasr_920-24tz-mCisco IOS
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2025-20173
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-0.30% / 53.43%
||
7 Day CHG~0.00%
Published-05 Feb, 2025 | 16:35
Updated-03 Jul, 2025 | 15:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeiosIOSCisco IOS XE Software
CWE ID-CWE-248
Uncaught Exception
CVE-2025-20172
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-0.30% / 53.43%
||
7 Day CHG~0.00%
Published-05 Feb, 2025 | 16:37
Updated-03 Jul, 2025 | 15:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the SNMP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. For Cisco IOS and IOS XE Software, a successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. For Cisco IOS XR Software, a successful exploit could allow the attacker to cause the SNMP process to restart, resulting in an interrupted SNMP response from an affected device. Devices that are running Cisco IOS XR Software will not reload.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeios_xriosIOSCisco IOS XE SoftwareCisco IOS XR Software
CWE ID-CWE-248
Uncaught Exception
CVE-2025-20176
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-0.30% / 53.43%
||
7 Day CHG~0.00%
Published-05 Feb, 2025 | 16:38
Updated-03 Jul, 2025 | 15:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeiosCisco IOS XE SoftwareIOS
CWE ID-CWE-248
Uncaught Exception
CVE-2020-27121
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.63% / 70.39%
||
7 Day CHG~0.00%
Published-06 Nov, 2020 | 18:15
Updated-13 Nov, 2024 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability

A vulnerability in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) Software could allow an authenticated, remote attacker to cause the Cisco XCP Authentication Service on an affected device to restart, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of login requests. An attacker could exploit this vulnerability by sending a crafted client login request to an affected device. A successful exploit could allow the attacker to cause a process to crash, resulting in a DoS condition for new login attempts. Users who are authenticated at the time of the attack would not be affected. There are workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-unified_communications_manager_im_and_presence_serviceCisco Unified Communications Manager IM and Presence Service
CWE ID-CWE-248
Uncaught Exception
CWE ID-CWE-755
Improper Handling of Exceptional Conditions
CVE-2025-20171
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-0.30% / 53.43%
||
7 Day CHG~0.00%
Published-05 Feb, 2025 | 16:38
Updated-03 Jul, 2025 | 15:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the SNMP subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause a DoS condition on an affected device. This vulnerability is due to improper error handling when parsing SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.  This vulnerability affects SNMP versions 1, 2c, and 3. To exploit this vulnerability through SNMP v2c or earlier, the attacker must know a valid read-write or read-only SNMP community string for the affected system. To exploit this vulnerability through SNMP v3, the attacker must have valid SNMP user credentials for the affected system.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeiosIOSCisco IOS XE Software
CWE ID-CWE-248
Uncaught Exception
CVE-2022-20675
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.27% / 79.55%
||
7 Day CHG~0.00%
Published-06 Apr, 2022 | 18:13
Updated-06 Nov, 2024 | 16:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Cisco Security Products Simple Network Management Protocol Service Denial of Service Vulnerability

A vulnerability in the TCP/IP stack of Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Secure Email and Web Manager, formerly Security Management Appliance, could allow an unauthenticated, remote attacker to crash the Simple Network Management Protocol (SNMP) service, resulting in a denial of service (DoS) condition. This vulnerability is due to an open port listener on TCP port 199. An attacker could exploit this vulnerability by connecting to TCP port 199. A successful exploit could allow the attacker to crash the SNMP service, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-secure_email_and_web_managerasyncosemail_security_applianceweb_security_applianceCisco Web Security Appliance (WSA)
CWE ID-CWE-248
Uncaught Exception
CVE-2023-20086
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.55% / 67.83%
||
7 Day CHG~0.00%
Published-01 Nov, 2023 | 16:42
Updated-02 Aug, 2024 | 08:57
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sending crafted ICMPv6 messages to a targeted Cisco ASA or FTD system with IPv6 enabled. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_threat_defenseadaptive_security_appliance_softwareCisco Firepower Threat Defense SoftwareCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-248
Uncaught Exception
CVE-2026-20031
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.3||MEDIUM
EPSS-0.13% / 33.05%
||
7 Day CHG~0.00%
Published-04 Mar, 2026 | 17:17
Updated-05 Mar, 2026 | 19:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ClamAV CSS Image Parsing Error Handling Denial of Service Vulnerability

A vulnerability in the HTML Cascading Style Sheets (CSS) module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit this vulnerability by submitting a crafted HTML file to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the scanning process.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Secure Endpoint
CWE ID-CWE-248
Uncaught Exception
CVE-2026-20068
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.11% / 29.73%
||
7 Day CHG~0.00%
Published-04 Mar, 2026 | 17:49
Updated-05 Mar, 2026 | 19:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Cisco Products Snort 3 TBD Denial of Service Vulnerability

Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking when parsing remote procedure call (RPC) data. An attacker could exploit this vulnerability by sending crafted RPC packets through an established connection to be parsed by Snort 3. A successful exploit could allow the attacker to cause a DoS condition when the Snort 3 Detection Engine unexpectedly restarts.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Secure Firewall Threat Defense (FTD) SoftwareCisco Cyber VisionCisco UTD SNORT IPS Engine Software
CWE ID-CWE-248
Uncaught Exception
  • Previous
  • 1
  • 2
  • Next
Details not found