Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-20025

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-04 Mar, 2026 | 18:36
Updated At-04 Mar, 2026 | 21:35
Rejected At-
Credits

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF secret key. This vulnerability is due to insufficient input validation when processing OSPF link-state update (LSU) packets. An attacker could exploit this vulnerability by sending crafted OSPF LSU packets. A successful exploit could allow the attacker to corrupt the heap, causing the device to reload, resulting in a DoS condition.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:04 Mar, 2026 | 18:36
Updated At:04 Mar, 2026 | 21:35
Rejected At:
â–¼CVE Numbering Authority (CNA)

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF secret key. This vulnerability is due to insufficient input validation when processing OSPF link-state update (LSU) packets. An attacker could exploit this vulnerability by sending crafted OSPF LSU packets. A successful exploit could allow the attacker to corrupt the heap, causing the device to reload, resulting in a DoS condition.

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Secure Firewall Adaptive Security Appliance (ASA) Software
Versions
Affected
  • 9.12.1
  • 9.12.1.2
  • 9.12.1.3
  • 9.12.2
  • 9.12.2.4
  • 9.12.2.5
  • 9.12.2.9
  • 9.12.3
  • 9.12.3.2
  • 9.12.3.7
  • 9.12.4
  • 9.12.3.12
  • 9.12.3.9
  • 9.12.2.1
  • 9.12.4.2
  • 9.12.4.4
  • 9.12.4.7
  • 9.12.4.10
  • 9.12.4.13
  • 9.12.4.8
  • 9.12.4.18
  • 9.12.4.24
  • 9.12.4.26
  • 9.12.4.29
  • 9.12.4.30
  • 9.12.4.35
  • 9.12.4.37
  • 9.12.4.38
  • 9.12.4.39
  • 9.12.4.40
  • 9.12.4.41
  • 9.12.4.47
  • 9.12.4.48
  • 9.12.4.50
  • 9.12.4.52
  • 9.12.4.54
  • 9.12.4.55
  • 9.12.4.56
  • 9.12.4.58
  • 9.12.4.62
  • 9.12.4.65
  • 9.12.4.67
  • 9.16.1
  • 9.16.1.28
  • 9.16.2
  • 9.16.2.3
  • 9.16.2.7
  • 9.16.2.11
  • 9.16.2.13
  • 9.16.2.14
  • 9.16.3
  • 9.16.3.3
  • 9.16.3.14
  • 9.16.3.15
  • 9.16.3.19
  • 9.16.3.23
  • 9.16.4
  • 9.16.4.9
  • 9.16.4.14
  • 9.16.4.19
  • 9.16.4.27
  • 9.16.4.38
  • 9.16.4.39
  • 9.16.4.42
  • 9.16.4.48
  • 9.16.4.55
  • 9.16.4.57
  • 9.16.4.61
  • 9.16.4.62
  • 9.16.4.67
  • 9.16.4.70
  • 9.16.4.71
  • 9.16.4.76
  • 9.16.4.82
  • 9.16.4.84
  • 9.17.1
  • 9.17.1.7
  • 9.17.1.9
  • 9.17.1.10
  • 9.17.1.11
  • 9.17.1.13
  • 9.17.1.15
  • 9.17.1.20
  • 9.17.1.30
  • 9.17.1.33
  • 9.17.1.39
  • 9.17.1.45
  • 9.17.1.46
  • 9.18.1
  • 9.18.1.3
  • 9.18.2
  • 9.18.2.5
  • 9.18.2.7
  • 9.18.2.8
  • 9.18.3
  • 9.18.3.39
  • 9.18.3.46
  • 9.18.3.53
  • 9.18.3.55
  • 9.18.3.56
  • 9.18.4
  • 9.18.4.5
  • 9.18.4.8
  • 9.18.4.22
  • 9.18.4.24
  • 9.18.4.29
  • 9.18.4.34
  • 9.18.4.40
  • 9.18.4.47
  • 9.18.4.50
  • 9.18.4.52
  • 9.18.4.53
  • 9.18.4.57
  • 9.18.4.66
  • 9.18.4.67
  • 9.18.4.68
  • 9.19.1
  • 9.19.1.5
  • 9.19.1.9
  • 9.19.1.12
  • 9.19.1.18
  • 9.19.1.22
  • 9.19.1.24
  • 9.19.1.27
  • 9.19.1.28
  • 9.19.1.31
  • 9.19.1.37
  • 9.19.1.38
  • 9.19.1.42
  • 9.20.1
  • 9.20.1.5
  • 9.20.2
  • 9.20.2.10
  • 9.20.2.21
  • 9.20.2.22
  • 9.20.3
  • 9.20.3.4
  • 9.20.3.7
  • 9.20.3.9
  • 9.20.3.10
  • 9.20.3.13
  • 9.20.3.16
  • 9.20.3.20
  • 9.20.4
  • 9.20.4.7
  • 9.22.1.1
  • 9.22.1.3
  • 9.22.1.2
  • 9.22.1.6
  • 9.22.2
  • 9.22.2.4
  • 9.22.2.9
  • 9.23.1
  • 9.23.1.3
  • 9.23.1.7
  • 9.23.1.13
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco Secure Firewall Threat Defense (FTD) Software
Versions
Affected
  • 6.4.0
  • 6.4.0.1
  • 6.4.0.3
  • 6.4.0.2
  • 6.4.0.4
  • 6.4.0.5
  • 6.4.0.6
  • 6.4.0.7
  • 6.4.0.8
  • 6.4.0.9
  • 6.4.0.10
  • 6.4.0.11
  • 6.4.0.12
  • 6.4.0.13
  • 6.4.0.14
  • 6.4.0.15
  • 6.4.0.16
  • 6.4.0.17
  • 6.4.0.18
  • 7.0.0
  • 7.0.0.1
  • 7.0.1
  • 7.0.1.1
  • 7.0.2
  • 7.0.2.1
  • 7.0.3
  • 7.0.4
  • 7.0.5
  • 7.0.6
  • 7.0.6.1
  • 7.0.6.2
  • 7.0.6.3
  • 7.0.7
  • 7.0.8
  • 7.0.8.1
  • 7.1.0
  • 7.1.0.1
  • 7.1.0.2
  • 7.1.0.3
  • 7.2.0
  • 7.2.0.1
  • 7.2.1
  • 7.2.2
  • 7.2.3
  • 7.2.4
  • 7.2.4.1
  • 7.2.5
  • 7.2.5.1
  • 7.2.6
  • 7.2.7
  • 7.2.5.2
  • 7.2.8
  • 7.2.8.1
  • 7.2.9
  • 7.2.10
  • 7.2.10.2
  • 7.3.0
  • 7.3.1
  • 7.3.1.1
  • 7.3.1.2
  • 7.4.0
  • 7.4.1
  • 7.4.1.1
  • 7.4.2
  • 7.4.2.1
  • 7.4.2.2
  • 7.4.2.3
  • 7.4.2.4
  • 7.6.0
  • 7.6.1
  • 7.6.2
  • 7.6.2.1
  • 7.7.0
  • 7.7.10
  • 7.7.10.1
Problem Types
TypeCWE IDDescription
cweCWE-190Integer Overflow or Wraparound
Type: cwe
CWE ID: CWE-190
Description: Integer Overflow or Wraparound
Metrics
VersionBase scoreBase severityVector
3.16.8MEDIUM
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Version: 3.1
Base score: 6.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerabilities that are described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospf-ZH8PhbSW
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospf-ZH8PhbSW
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@cisco.com
Published At:04 Mar, 2026 | 19:16
Updated At:04 Mar, 2026 | 19:16

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF secret key. This vulnerability is due to insufficient input validation when processing OSPF link-state update (LSU) packets. An attacker could exploit this vulnerability by sending crafted OSPF LSU packets. A successful exploit could allow the attacker to corrupt the heap, causing the device to reload, resulting in a DoS condition.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.8MEDIUM
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 3.1
Base score: 6.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-190Primarypsirt@cisco.com
CWE ID: CWE-190
Type: Primary
Source: psirt@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospf-ZH8PhbSWpsirt@cisco.com
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ospf-ZH8PhbSW
Source: psirt@cisco.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

9Records found
CVE-2026-20020
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-Not Assigned
Published-04 Mar, 2026 | 18:34
Updated-04 Mar, 2026 | 21:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. If OSPF authentication is enabled, the attacker must know the secret key to exploit this vulnerability. This vulnerability is due to insufficient input validation when processing OSPF update packets. An attacker could exploit this vulnerability by sending crafted OSPF update packets. A successful exploit could allow the attacker to create a buffer overflow, causing the affected device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Secure Firewall Adaptive Security Appliance (ASA) SoftwareCisco Secure Firewall Threat Defense (FTD) Software
CWE ID-CWE-20
Improper Input Validation
CVE-2026-20024
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-Not Assigned
Published-04 Mar, 2026 | 18:35
Updated-04 Mar, 2026 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition. To exploit this vulnerability, the attacker must have the OSPF secret key. This vulnerability is due to heap corruption in OSPF when parsing packets. An attacker could exploit this vulnerability by sending crafted packets to the OSPF service. A successful exploit could allow the attacker to corrupt the heap, causing the affected device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Secure Firewall Adaptive Security Appliance (ASA) SoftwareCisco Secure Firewall Threat Defense (FTD) Software
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-34703
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.24% / 47.43%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:25
Updated-07 Nov, 2024 | 21:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS and IOS XE Software Link Layer Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Link Layer Discovery Protocol (LLDP) message parser of Cisco IOS Software and Cisco IOS XE Software could allow an attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to improper initialization of a buffer. An attacker could exploit this vulnerability via any of the following methods: An authenticated, remote attacker could access the LLDP neighbor table via either the CLI or SNMP while the device is in a specific state. An unauthenticated, adjacent attacker could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then waiting for an administrator of the device or a network management system (NMS) managing the device to retrieve the LLDP neighbor table of the device via either the CLI or SNMP. An authenticated, adjacent attacker with SNMP read-only credentials or low privileges on the device CLI could corrupt the LLDP neighbor table by injecting specific LLDP frames into the network and then accessing the LLDP neighbor table via either the CLI or SNMP. A successful exploit could allow the attacker to cause the affected device to crash, resulting in a reload of the device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-catalyst_3650-24ps-scatalyst_3850catalyst_3850-32xs-ecatalyst_3850-12xs-scatalyst_3850-24s-ecatalyst_9300l-48p-4g-ecatalyst_9300l-48t-4g-ecatalyst_3850-24p-scatalyst_3650-12x48urcatalyst_3650-24pdm-lcatalyst_3850-16xs-scatalyst_3850-48pw-scatalyst_9300l-24t-4x-acatalyst_3850-24ucatalyst_9300l_stackcatalyst_9300-48un-e4331_integrated_services_router4461_integrated_services_routercatalyst_9300-48p-acatalyst_9300-24s-acatalyst_3650-24ts-ecatalyst_3650-24ps-lcatalyst_9300l-24p-4g-ecatalyst_9300l-48t-4x-acatalyst_3650-48td-s111x_integrated_services_routercatalyst_3650-24pdmcatalyst_3650-8x24pd-scatalyst_3850-48u-lcatalyst_9800-lcatalyst_3650-48ts-lcatalyst_3650-48tq-ecatalyst_3850-nm-2-40gcatalyst_3650-8x24uq-lcatalyst_3650-48fd-lcatalyst_3650-48fs-lcatalyst_3650-48pq-ecatalyst_3650-48fs-ecatalyst_3650-24ts-lcatalyst_3650-24pd-lcatalyst_3650-24pd-scatalyst_3650-24td-lcatalyst_9300-24t-ecatalyst_3650-12x48uzcatalyst_9300l-24t-4g-ecatalyst_3850-48xscatalyst_3650-12x48uqcatalyst_3650-48fd-scatalyst_3650-48fs-scatalyst_3850-48t-scatalyst_9300-48p-ecatalyst_9800-clcatalyst_3650-48pq-lcatalyst_3850-24pw-scatalyst_3850-24t-scatalyst_3650-8x24pd-ecatalyst_9407rcatalyst_3850-24t-lcatalyst_3850-48u-ecatalyst_9300-48t-ecatalyst_3850-24xu-ecatalyst_9200catalyst_3650-12x48uq-ecatalyst_9300l-48p-4g-a1160_integrated_services_routercatalyst_3650-24td-scatalyst_3650-48pd-lcatalyst_3650-8x24uqcatalyst_9600catalyst_3850-48u-scatalyst_9300l-48t-4g-acatalyst_3850-16xs-ecatalyst_3650-48tq-scatalyst_3650-24pdm-scatalyst_3850-24xucatalyst_9300-48uxm-ecatalyst_3850-48p-ecatalyst_9800-80catalyst_3650-12x48ur-e1109_integrated_services_routercatalyst_9300l-48p-4x-ecatalyst_9400catalyst_3650-48fqm-scatalyst_3850-48t-lcatalyst_3650-48fd-ecatalyst_3650-12x48fd-s1111x_integrated_services_routercatalyst_3650-12x48uq-lcatalyst_9800-40catalyst_9300l-48p-4x-acatalyst_3650-48fq-ecatalyst_9800catalyst_9300-24s-ecatalyst_3650-8x24uq-scatalyst_9300-48u-e1101-4p_integrated_services_routercatalyst_3650-48tq-lcatalyst_9300-48u-acatalyst_9300-48s-acatalyst_3650-12x48fd-l1100-4p_integrated_services_routercatalyst_3650-48fq-scatalyst_3850-24p-ecatalyst_3850-48xs-f-scatalyst_9300-24t-acatalyst_9300l-24p-4x-acatalyst_9300catalyst_3850-48t-ecatalyst_3650-48pq-s1101_integrated_services_routercatalyst_3850-24xu-s4451_integrated_services_routercatalyst_3650-48fqmcatalyst_3650-48td-lcatalyst_3650-48fqm-lcatalyst_3850-24xs-ecatalyst_3850-12s-scatalyst_3650-8x24uq-ecatalyst_3850-24u-lcatalyst_9300l-24t-4g-acatalyst_3850-48f-scatalyst_3650-12x48ur-lcatalyst_3850-24u-s1100_integrated_services_routercatalyst_9300l-24t-4x-ecatalyst_3650-24pdcatalyst_9800-l-ccatalyst_3850-48f-e4000_integrated_services_router1000_integrated_services_routercatalyst_3650-12x48uz-scatalyst_9300l-24p-4g-acatalyst_9300-48uxm-acatalyst_9300l-24p-4x-ecatalyst_9300-24ux-acatalyst_9300-24p-acatalyst_3850-32xs-scatalyst_3650-48ps-lcatalyst_9500catalyst_3650-12x48fd-e1100-4g\/6g_integrated_services_router4221_integrated_services_routercatalyst_3850-24xu-lcatalyst_3850-48f-lcatalyst_3850-48xs-ecatalyst_3850-24s-scatalyst_3650-24td-ecatalyst_9300-48s-ecatalyst_3650-48td-ecatalyst_9300-24u-acatalyst_3850-48ucatalyst_3650-8x24pd-lcatalyst_3650-48fqcatalyst_9300lcatalyst_3650-48fq-lcatalyst_3650-12x48uz-ecatalyst_3650-12x48uq-scatalyst_9300-24u-e4451-x_integrated_services_routercatalyst_3650-12x48ur-scatalyst_3850-48p-scatalyst_3850-12x48ucatalyst_3650-48pd-scatalyst_9300-48un-acatalyst_3650-24pd-e1109-2p_integrated_services_routercatalyst_3650-12x48uz-lioscatalyst_9300-24p-ecatalyst_3850-48xs-f-ecatalyst_9300-48t-acatalyst_9800-l-fcatalyst_9300l-48t-4x-ecatalyst_3850-12s-ecatalyst_3850-24p-l1120_integrated_services_routercatalyst_3850-24t-ecatalyst_3850-24xscatalyst_3650-24ts-scatalyst_3650-24ps-e4321_integrated_services_routercatalyst_3850-24xs-scatalyst_3650-48ps-s4431_integrated_services_routercatalyst_3650-48fqm-ecatalyst_3650-48pd-ecatalyst_3650-24pdm-ecsr_1000vcatalyst_3850-24u-ecatalyst_3850-48xs-scatalyst_3650-48ts-ecatalyst_3850-48p-lios_xe1111x-8p_integrated_services_router1100-8p_integrated_services_routercatalyst_9410r1109-4p_integrated_services_routercatalyst_3850-nm-8-10gcatalyst_3650-48ts-scatalyst_3650-48ps-ecatalyst_9300-24ux-e4351_integrated_services_routercatalyst_3850-12xs-eCisco IOS
CWE ID-CWE-456
Missing Initialization of a Variable
CWE ID-CWE-665
Improper Initialization
CVE-2018-0381
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-5.8||MEDIUM
EPSS-0.15% / 35.92%
||
7 Day CHG~0.00%
Published-17 Oct, 2018 | 22:00
Updated-26 Nov, 2024 | 14:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Aironet 1560, 1800, 2800, and 3800 Series Access Points Denial of Service Vulnerability

A vulnerability in the Cisco Aironet Series Access Points (APs) software could allow an authenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. The vulnerability is due to a deadlock condition that may occur when an affected AP attempts to dequeue aggregated traffic that is destined to an attacker-controlled wireless client. An attacker who can successfully transition between multiple Service Set Identifiers (SSIDs) hosted on the same AP while replicating the required traffic patterns could trigger the deadlock condition. A watchdog timer that detects the condition will trigger a reload of the device, resulting in a DoS condition while the device restarts.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_access_pointsCisco Aironet Access Points
CWE ID-CWE-400
Uncontrolled Resource Consumption
CWE ID-CWE-667
Improper Locking
CVE-2020-3120
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.32% / 54.63%
||
7 Day CHG~0.00%
Published-05 Feb, 2020 | 17:50
Updated-15 Nov, 2024 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco FXOS, IOS XR, and NX-OS Software Cisco Discovery Protocol Denial of Service Vulnerability

A vulnerability in the Cisco Discovery Protocol implementation for Cisco FXOS Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to a missing check when the affected software processes Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to exhaust system memory, causing the device to reload. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-xrv_9000firepower_9300nexus_93180lc-exfirepower_4150nexus_56128pnexus_3172tqncs_540-28z4c-sys-dnx-osnexus_3636c-rnexus_93128txnexus_9336pq_aci_spinencs_5501-sencs_6000fxosasr_9006mds_9506ncs_540lnexus_3132q-vnexus_9332cnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_3524-xnexus_31108tc-vnexus_9348gc-fxpnexus_3172mds_9718nexus_9272qmds_9148sncs_540-24z8q2c-sysmds_9513mds_9148tncs_540x-12z16g-sys-dnexus_93180yc-fxasr_9000vmds_9132tncs_540x-16z4g8q2c-dfirepower_4140nexus_3432d-sucs_managerucs_6454nexus_3524mds_9216ncs_540-12z20g-sys-ancs_5002nexus_3016mds_9216aucs_64108nexus_92304qcucs_6248upfirepower_4125nexus_3048nexus_9372tx-enexus_93360yc-fx2nexus_3524-xlucs_6324nexus_9396txfirepower_4120nexus_3232c_nexus_7000nexus_3064ncs_540-acc-sysnexus_5548upnexus_9396pxmds_9216inexus_5596tnexus_9372txnexus_5624qasr_9906nexus_3064-tnexus_3408-snexus_9372px-encs_540x-12z16g-sys-anexus_7700asr_9901ucs_6300nexus_9332pqncs_5001nexus_93108tc-exasr_9010nexus_9508nexus_93120txfirepower_4110ncs_5516nexus_1000vecrsncs_540x-acc-sysfirepower_4145nexus_3548-xlnexus_31128pqnexus_9364cnexus_3164qnexus_3132c-znexus_5548pncs_540-12z20g-sys-dnexus_5648qncs_5501ncs_560nexus_3464cnexus_93216tc-fx2nexus_36180yc-rnexus_5672upasr_9001nexus_3264qasr_9904ncs_540x-16z4g8q2c-anexus_34180ycnexus_9000vmds_9509nexus_31108pc-vmds_9706nexus_5596upfirepower_4115ncs_5502nexus_3548nexus_3132qnexus_9372pxnexus_5696qnexus_92160yc-xnexus_9504ncs_540-28z4c-sys-anexus_93108tc-fxnexus_92300ycios_xrncs_5502-sencs_5508mds_9222iucs_6296upncs_5011nexus_1000vfirepower_extensible_operating_systemnexus_3264c-enexus_93240yc-fx2nexus_3548-xasr_9910nexus_3132q-xlmds_9710asr_9912asr_9922nexus_3172tq-xlnexus_93180yc-exnexus_9236cnexus_9516nexus_3172pq-xlCisco IOS XR Software
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-20684
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.27% / 50.74%
||
7 Day CHG~0.00%
Published-15 Apr, 2022 | 14:16
Updated-06 Nov, 2024 | 16:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family SNMP Trap Denial of Service Vulnerability

A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition on the device. This vulnerability is due to a lack of input validation of the information used to generate an SNMP trap related to a wireless client connection event. An attacker could exploit this vulnerability by sending an 802.1x packet with crafted parameters during the wireless authentication setup phase of a connection. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-20
Improper Input Validation
CVE-2024-20434
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-4.3||MEDIUM
EPSS-0.08% / 23.92%
||
7 Day CHG~0.00%
Published-25 Sep, 2024 | 16:29
Updated-08 Oct, 2024 | 16:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the control plane of an affected device. This vulnerability is due to improper handling of frames with VLAN tag information. An attacker could exploit this vulnerability by sending crafted frames to an affected device. A successful exploit could allow the attacker to render the control plane of the affected device unresponsive. The device would not be accessible through the console or CLI, and it would not respond to ping requests, SNMP requests, or requests from other control plane protocols. Traffic that is traversing the device through the data plane is not affected. A reload of the device is required to restore control plane services.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-12693
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.36% / 57.80%
||
7 Day CHG~0.00%
Published-02 Oct, 2019 | 19:06
Updated-21 Nov, 2024 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software Secure Copy Denial of Service Vulnerability

A vulnerability in the Secure Copy (SCP) feature of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to the use of an incorrect data type for a length variable. An attacker could exploit this vulnerability by initiating the transfer of a large file to an affected device via SCP. To exploit this vulnerability, the attacker would need to have valid privilege level 15 credentials on the affected device. A successful exploit could allow the attacker to cause the length variable to roll over, which could cause the affected device to crash.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-asa_5550adaptive_security_applianceasa_5505adaptive_security_appliance_softwareasa_5555-xasa_5520asa_5510asa_5525-xasa_5580asa_5585-xasa_5512-xasa_5515-xCisco Adaptive Security Appliance (ASA) Software
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-20685
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.5||HIGH
EPSS-0.50% / 65.83%
||
7 Day CHG~0.00%
Published-15 Nov, 2024 | 15:36
Updated-27 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Cisco Products Snort Modbus Denial of Service Vulnerability

A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit this vulnerability by sending crafted Modbus traffic through an affected device. A successful exploit could allow the attacker to cause the Snort process to hang, causing traffic inspection to stop.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Cyber VisionCisco Firepower Threat Defense SoftwareCisco UTD SNORT IPS Engine Software
CWE ID-CWE-190
Integer Overflow or Wraparound
Details not found