Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-20051

Summary
Assigner-cisco
Assigner Org ID-d1c1063e-7a18-46af-9102-31f8928bc633
Published At-25 Feb, 2026 | 16:14
Updated At-25 Feb, 2026 | 19:05
Rejected At-
Credits

Cisco Nexus 3600-R and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability

A vulnerability with the Ethernet VPN (EVPN) Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is due to a logic error when processing a crafted Layer 2 ingress frame. An attacker could exploit this vulnerability by sending a stream of crafted Ethernet frames through the targeted device. A successful exploit could allow the attacker to cause a Layer 2 Virtual eXtensible LAN (VxLAN) traffic loop, which, in turn, could result in a denial of service (DoS) condition. This Layer 2 loop could oversubscribe the bandwidth on network interfaces, which would result in all data plane traffic being dropped. To exploit this vulnerability, the attacker must be Layer 2-adjacent to the affected device. Note: To stop active exploitation of this vulnerability, manual intervention is required to both stop the crafted traffic and flap all involved network interfaces. For additional assistance if a Layer 2 loop that is related to this vulnerability is suspected, contact the Cisco Technical Assistance Center (TAC) or the proper support provider. 

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:cisco
Assigner Org ID:d1c1063e-7a18-46af-9102-31f8928bc633
Published At:25 Feb, 2026 | 16:14
Updated At:25 Feb, 2026 | 19:05
Rejected At:
â–¼CVE Numbering Authority (CNA)
Cisco Nexus 3600-R and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability

A vulnerability with the Ethernet VPN (EVPN) Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is due to a logic error when processing a crafted Layer 2 ingress frame. An attacker could exploit this vulnerability by sending a stream of crafted Ethernet frames through the targeted device. A successful exploit could allow the attacker to cause a Layer 2 Virtual eXtensible LAN (VxLAN) traffic loop, which, in turn, could result in a denial of service (DoS) condition. This Layer 2 loop could oversubscribe the bandwidth on network interfaces, which would result in all data plane traffic being dropped. To exploit this vulnerability, the attacker must be Layer 2-adjacent to the affected device. Note: To stop active exploitation of this vulnerability, manual intervention is required to both stop the crafted traffic and flap all involved network interfaces. For additional assistance if a Layer 2 loop that is related to this vulnerability is suspected, contact the Cisco Technical Assistance Center (TAC) or the proper support provider. 

Affected Products
Vendor
Cisco Systems, Inc.Cisco
Product
Cisco NX-OS Software
Default Status
unknown
Versions
Affected
  • 9.2(3)
  • 9.2(2v)
  • 9.2(1)
  • 9.2(2t)
  • 9.2(3y)
  • 9.3(2)
  • 9.2(4)
  • 9.3(1)
  • 9.3(1z)
  • 9.2(2)
  • 9.3(3)
  • 9.3(4)
  • 9.3(5)
  • 9.3(6)
  • 9.3(5w)
  • 9.3(7)
  • 9.3(7k)
  • 10.2(1)
  • 9.3(7a)
  • 9.3(8)
  • 10.2(1q)
  • 10.2(2)
  • 9.3(9)
  • 10.2(3)
  • 10.2(3t)
  • 9.3(10)
  • 10.2(2a)
  • 10.3(1)
  • 10.2(4)
  • 10.3(2)
  • 9.3(11)
  • 10.3(3)
  • 10.2(5)
  • 9.3(12)
  • 10.2(3v)
  • 10.4(1)
  • 10.2(6)
  • 10.3(3w)
  • 10.3(3o)
  • 10.3(4)
  • 10.3(3p)
  • 10.3(4a)
  • 10.4(2)
  • 10.3(3q)
  • 9.3(13)
  • 10.3(5)
  • 10.2(7)
  • 10.4(3)
  • 10.3(3x)
  • 10.3(4g)
  • 10.5(1)
  • 10.2(8)
  • 10.3(3r)
  • 10.3(6)
  • 9.3(14)
  • 10.4(4)
  • 10.3(4h)
  • 10.5(2)
  • 10.3(7)
  • 10.4(5)
  • 10.5(3)
  • 10.2(9)
  • 9.3(15)
  • 10.4(4g)
  • 10.5(4)
  • 10.6(1)
  • 10.5(3t)
  • 10.3(8)
  • 10.4(6)
  • 10.5(3s)
  • 10.5(3e)
  • 10.5(3o)
  • 9.3(16)
  • 10.6(1s)
  • 10.5(3p)
Problem Types
TypeCWE IDDescription
cweCWE-457Use of Uninitialized Variable
Type: cwe
CWE ID: CWE-457
Description: Use of Uninitialized Variable
Metrics
VersionBase scoreBase severityVector
3.17.4HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Version: 3.1
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits

The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory.

Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ether-dos-Kv8YNWZ4
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ether-dos-Kv8YNWZ4
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:psirt@cisco.com
Published At:25 Feb, 2026 | 17:25
Updated At:27 Feb, 2026 | 14:06

A vulnerability with the Ethernet VPN (EVPN) Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is due to a logic error when processing a crafted Layer 2 ingress frame. An attacker could exploit this vulnerability by sending a stream of crafted Ethernet frames through the targeted device. A successful exploit could allow the attacker to cause a Layer 2 Virtual eXtensible LAN (VxLAN) traffic loop, which, in turn, could result in a denial of service (DoS) condition. This Layer 2 loop could oversubscribe the bandwidth on network interfaces, which would result in all data plane traffic being dropped. To exploit this vulnerability, the attacker must be Layer 2-adjacent to the affected device. Note: To stop active exploitation of this vulnerability, manual intervention is required to both stop the crafted traffic and flap all involved network interfaces. For additional assistance if a Layer 2 loop that is related to this vulnerability is suspected, contact the Cisco Technical Assistance Center (TAC) or the proper support provider. 

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.4HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Type: Primary
Version: 3.1
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-457Primarypsirt@cisco.com
CWE ID: CWE-457
Type: Primary
Source: psirt@cisco.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ether-dos-Kv8YNWZ4psirt@cisco.com
N/A
Hyperlink: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-ether-dos-Kv8YNWZ4
Source: psirt@cisco.com
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

63Records found
CVE-2025-20191
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.03% / 7.65%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 17:18
Updated-08 May, 2025 | 14:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Cisco Products Denial of Service Vulnerability

A vulnerability in the Switch Integrated Security Features (SISF) of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the incorrect handling of DHCPv6 packets. An attacker could exploit this vulnerability by sending a crafted DHCPv6 packet to an affected device. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco NX-OS SoftwareCisco Wireless LAN Controller (WLC)
CWE ID-CWE-805
Buffer Access with Incorrect Length Value
CVE-2025-20111
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.05% / 16.56%
||
7 Day CHG~0.00%
Published-26 Feb, 2025 | 16:11
Updated-26 Feb, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Nexus 3000 and 9000 Series Switches Layer 2 Ethernet Denial of Service Vulnerability

A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of specific Ethernet frames. An attacker could exploit this vulnerability by sending a sustained rate of crafted Ethernet frames to an affected device. A successful exploit could allow the attacker to cause the device to reload.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco NX-OS Software
CWE ID-CWE-1220
Insufficient Granularity of Access Control
CVE-2025-20202
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.03% / 7.20%
||
7 Day CHG~0.00%
Published-07 May, 2025 | 17:35
Updated-08 Jul, 2025 | 17:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of access point (AP) Cisco Discovery Protocol (CDP) neighbor reports when they are processed by the wireless controller. An attacker could exploit this vulnerability by sending a crafted CDP packet to an AP. A successful exploit could allow the attacker to cause an unexpected reload of the wireless controller that is managing the AP, resulting in a DoS condition that affects the wireless network.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xeCisco IOS XE Software
CWE ID-CWE-805
Buffer Access with Incorrect Length Value
CVE-2025-20340
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.03% / 8.85%
||
7 Day CHG~0.00%
Published-10 Sep, 2025 | 16:06
Updated-11 Sep, 2025 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Address Resolution Protocol Broadcast Storm Vulnerability

A vulnerability in the Address Resolution Protocol (ARP) implementation of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to trigger a broadcast storm, leading to a denial of service (DoS) condition on an affected device.  This vulnerability is due to how Cisco IOS XR Software processes a high, sustained rate of ARP traffic hitting the management interface. Under certain conditions, an attacker could exploit this vulnerability by sending an excessive amount of traffic to the management interface of an affected device, overwhelming its ARP processing capabilities. A successful exploit could result in degraded device performance, loss of management connectivity, and complete unresponsiveness of the system, leading to a DoS condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco IOS XR Software
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2025-20141
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.07% / 20.58%
||
7 Day CHG~0.00%
Published-12 Mar, 2025 | 16:12
Updated-06 Aug, 2025 | 17:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software Release 7.9.2 Denial of Service Vulnerabillity

A vulnerability in the handling of specific packets that are punted from a line card to a route processor in Cisco IOS XR Software Release 7.9.2 could allow an unauthenticated, adjacent attacker to cause control plane traffic to stop working on multiple Cisco IOS XR platforms.  This vulnerability is due to incorrect handling of packets that are punted to the route processor. An attacker could exploit this vulnerability by sending traffic, which must be handled by the Linux stack on the route processor, to an affected device. A successful exploit could allow the attacker to cause control plane traffic to stop working, resulting in a denial of service (DoS) condition.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ncs_55a2-mod-hd-sncs_5508ncs_55a2-mod-se-sncs_540-12z20g-sys-ancs_540-fh-csr-sysncs_540x-8z16g-sys-dncs_55a1-24hncs_57c1-48q6-sysncs_540x-16z8q2c-dncs_540-6z14s-sys-dncs_540x-acc-sysios_xrncs_540x-6z18g-sys-ancs_55a1-48q6hncs_540x-8z16g-sys-ancs_5502-sencs_5516ncs_540x-6z18g-sys-dncs_57b1-6d24-sysncs_540x-16z4g8q2c-ancs_5502ncs_540x-12z16g-sys-dncs_540-6z18g-sys-ancs_540-24z8q2c-sysncs_55a2-mod-sncs_540-12z20g-sys-dncs_540-fh-aggncs_540x-12z16g-sys-ancs_540-24q2c2dd-sysncs_540x-4z14g2q-dncs_55a1-36hncs_57c3-mod-sysncs_55a1-36h-sencs_55a1-24q6h-sncs_540-24q8l2dd-sysncs_540-28z4c-sys-dncs_540x-16z4g8q2c-dncs_5504ncs_540x-4z14g2q-ancs_540-acc-sysncs_5501-sencs_540-6z18g-sys-dncs_540-28z4c-sys-ancs_57d2-18dd-sysncs_57b1-5dse-sysncs_5501ncs_55a1-24q6h-ssCisco IOS XR Software
CWE ID-CWE-770
Allocation of Resources Without Limits or Throttling
CVE-2025-20241
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.04% / 12.20%
||
7 Day CHG~0.00%
Published-27 Aug, 2025 | 16:23
Updated-27 Aug, 2025 | 18:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Nexus 3000 and 9000 Series Switches IS-IS Protocol <TBD> Denial of Service Vulnerability

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco NX-OS Software
CWE ID-CWE-733
Compiler Optimization Removal or Modification of Security-critical Code
CVE-2021-34713
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.10% / 28.00%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 05:00
Updated-07 Nov, 2024 | 22:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability

A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected line card to reboot. This vulnerability is due to incorrect handling of specific Ethernet frames that cause a spin loop that can make the network processors unresponsive. An attacker could exploit this vulnerability by sending specific types of Ethernet frames on the segment where the affected line cards are attached. A successful exploit could allow the attacker to cause the affected line card to reboot.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-ios_xrasr_9910asr_9906asr_9904asr_9006asr_9903asr_9912asr_9000asr_9010asr_9922asr_9000v-v2asr_9001asr_9902asr_9901Cisco IOS XR Software
CWE ID-CWE-399
Not Available
CVE-2021-34740
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.10% / 28.00%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:26
Updated-07 Nov, 2024 | 21:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Aironet Access Points WLAN Control Protocol Packet Buffer Leak Denial of Service Vulnerability

A vulnerability in the WLAN Control Protocol (WCP) implementation for Cisco Aironet Access Point (AP) software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect error handling when an affected device receives an unexpected 802.11 frame. An attacker could exploit this vulnerability by sending certain 802.11 frames over the wireless network to an interface on an affected AP. A successful exploit could allow the attacker to cause a packet buffer leak. This could eventually result in buffer allocation failures, which would trigger a reload of the affected device.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_1562iaironet_1830eaironet_1850ecatalyst_iw6300catalyst_iw6300_dcwcatalyst_iw6300_accatalyst_9105axwaironet_1810w1100_integrated_services_routercatalyst_9130axecatalyst_9130_apaironet_1850aironet_1562eaironet_2800iaironet_1542iaironet_3800pcatalyst_iw6300_dccatalyst_9120axpcatalyst_9124axiaironet_1815aironet_1540111x_integrated_services_routercatalyst_9115axiaironet_1815iaironet_4800catalyst_9117axicatalyst_9120_apaironet_3800aironet_access_point_softwareaironet_3800i1100-4g\/6g_integrated_services_routercatalyst_9117_apaironet_2800eaironet_1800icatalyst_9115_apcatalyst_9124aironet_1560aironet_3800e1160_integrated_services_routercatalyst_9120axe1109-2p_integrated_services_routeraironet_1800aironet_1830aironet_1830icatalyst_91171109_integrated_services_routercatalyst_9115catalyst_91001120_integrated_services_routercatalyst_9130catalyst_9130axiaironet_2800aironet_1542d1111x_integrated_services_routercatalyst_9120aironet_1562d6300_series_access_points1101-4p_integrated_services_routercatalyst_9124axdcatalyst_9105axicatalyst_9120axi1100-4p_integrated_services_router1111x-8p_integrated_services_routeraironet_1840catalyst_9115axe1100-8p_integrated_services_routeraironet_1850i1109-4p_integrated_services_router1101_integrated_services_routeraironet_1810catalyst_9105Cisco Aironet Access Point Software
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2021-34714
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.18% / 40.20%
||
7 Day CHG~0.00%
Published-23 Sep, 2021 | 02:25
Updated-07 Nov, 2024 | 21:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Multiple Cisco Operating Systems Unidirectional Link Detection Denial of Service Vulnerability

A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software, Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload. This vulnerability is due to improper input validation of the UDLD packets. An attacker could exploit this vulnerability by sending specifically crafted UDLD packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: The UDLD feature is disabled by default, and the conditions to exploit this vulnerability are strict. An attacker must have full control of a directly connected device. On Cisco IOS XR devices, the impact is limited to the reload of the UDLD process.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-firepower_9300nexus_93180lc-exfirepower_4150nexus_34200yc-smnexus_56128pucs_6332-16upnexus_3132q-xnexus_3172tqnx-osnexus_3200nexus_3636c-rnexus_93128txnexus_9336pq_aci_spineucs_6400nexus_7700_supervisor_3efxosmds_9506firepower_9300_sm-44_x_3mds_9250ifirepower_9300_sm-56_x_3nexus_3016qnexus_7000_9-slotnexus_3132q-vnexus_9332cnexus_92348gc-xnexus_3172tq-32tnexus_9336c-fx2nexus_5020nexus_3524-xnexus_31108tc-vnexus_9348gc-fxpnexus_3172mds_9718nexus_9272qmds_9700firepower_9300_sm-24mds_9148snexus_9500_supervisor_b\+mds_9513mds_9148tnexus_93180yc-fxmds_9132tfirepower_4140nexus_3432d-sucs_6454firepower_9300_with_1_sm-24_modulenexus_3000nexus_3524nexus_9000_in_standalonemds_9216nexus_7000_4-slotnexus_7700_6-slotnexus_7000_supervisor_1nexus_3548-x\/xlnexus_3016mds_9216anexus_7018nexus_93108tc-fx-24nexus_92304qcucs_6248upnexus_7710nexus_9000_in_standalone_nx-os_modenexus_9500_supervisor_bfirepower_4125nexus_3100mds_9100mds_9148nexus_3048nexus_9372tx-enexus_3500_platformnexus_93360yc-fx2firepower_9300_sm-40nexus_3524-xlucs_6324nexus_9396txfirepower_4120mds_9396tnexus_7000_10-slotnexus_7000nexus_7010mds_9396snexus_3064nexus_3232c_nexus_7718nexus_3500nexus_5548upnexus_5600nexus_9336c-fx2-enexus_9396pxfirepower_9300_with_1_sm-36_modulenexus_7000_supervisor_2enexus_9221cmds_9216inexus_5596tnexus_7702nexus_7700_2-slotnexus_3132q-x\/3132q-xlnexus_9372txnexus_5624qnexus_6004xnexus_3064-tnexus_93600cd-gxnexus_3408-snexus_6001tnexus_9372px-enexus_7000_18-slotnexus_9336pqnexus_3600nexus_7700nexus_3400ucs_6300nexus_9332pqnexus_93108tc-exnexus_9508nexus_3100-vnexus_93120txnexus_6000firepower_4110nexus_9316d-gxnexus_7000_supervisor_2nexus_3524-x\/xlnexus_6004mds_9140ucs_6324_fabric_interconnectnexus_3100-zfirepower_4145nexus_3548-xlnexus_31128pqnexus_93180yc-fx3snexus_9364cmds_9200firepower_9300_with_1_sm-44_modulenexus_7700_supervisor_2enexus_3164qnexus_6001pnexus_3132c-znexus_3172pq\/pq-xlnexus_5548pnexus_5648qmds_9000nexus_93180yc-fx-24firepower_4100nexus_3464cnexus_93216tc-fx2nexus_36180yc-rucs_6200nexus_5500nexus_5672upnexus_93180tc-exnexus_3264qnexus_7004ucs_6332-16up_fabric_interconnectnexus_34180ycnexus_9000vmds_9509nexus_9300nexus_31108pc-vmds_9706nexus_9500_supervisor_a\+nexus_7700_18-slotnexus_3064-32tnexus_93180yc-fx3nexus_5596upnexus_7009firepower_4115nexus_93180yc-ex-24nexus_3100vnexus_3548mds_9500nexus_3132qnexus_9000_in_aci_modenexus_9372pxnexus_9364c-gxnexus_5696qnexus_92160yc-xnexus_7700_10-slotnexus_93108tc-ex-24nexus_3064xnexus_9000iosnexus_31108pv-vnexus_9500nexus_93108tc-fx3pnexus_9504nexus_93108tc-fxnexus_3064tnexus_6001nexus_9500_supervisor_afirepower_9300_sm-56ucs_6296_up_fabric_interconnectucs_6248_up_fabric_interconnectnexus_92300ycnexus_7706nexus_3172pqios_xrnexus_3064-xfirepower_9300_sm-44ucs_6332nexus_3232cfirepower_9300_with_3_sm-44_modulenexus_9200mds_9222iucs_6296upnexus_5010firepower_9300_sm-36nexus_5000firepower_extensible_operating_systemnexus_3264c-efirepower_9300_sm-48nexus_93240yc-fx2ios_xefirepower_4112nexus_3548-xnexus_3132q-xlmds_9710nexus_3172tq-xlnexus_93180yc-exnexus_93128nexus_9236cnexus_9516mds_9134nexus_3172pq-xlnexus_9500rucs_6332_fabric_interconnectnexus_5672up-16gCisco IOS
CWE ID-CWE-20
Improper Input Validation
CVE-2019-1920
Matching Score-8
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-8
Assigner-Cisco Systems, Inc.
CVSS Score-7.4||HIGH
EPSS-0.92% / 75.78%
||
7 Day CHG~0.00%
Published-17 Jul, 2019 | 20:20
Updated-21 Nov, 2024 | 19:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability

A vulnerability in the 802.11r Fast Transition (FT) implementation for Cisco IOS Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected interface. The vulnerability is due to a lack of complete error handling condition for client authentication requests sent to a targeted interface configured for FT. An attacker could exploit this vulnerability by sending crafted authentication request traffic to the targeted interface, causing the device to restart unexpectedly.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-aironet_3700e_firmwareaironet_3700eaironet_3700iaironet_3700paccess_pointsaironet_3700p_firmwareaironet_3700i_firmwareCisco Aironet Access Point Software
CWE ID-CWE-20
Improper Input Validation
CVE-2020-27124
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-1.77% / 82.43%
||
7 Day CHG~0.00%
Published-18 Nov, 2024 | 16:03
Updated-01 Aug, 2025 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Adaptive Security Appliance Software SSL/TLS Denial of Service Vulnerability

A vulnerability in the SSL/TLS handler of Cisco&nbsp;Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause the affected device to reload unexpectedly, leading to a denial of service (DoS) condition. The vulnerability is due to improper error handling on established SSL/TLS connections. An attacker could exploit this vulnerability by establishing an SSL/TLS connection with the affected device and then sending a malicious SSL/TLS message within that connection. A successful exploit could allow the attacker to cause the device to reload.Cisco&nbsp;has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-adaptive_security_appliance_softwareCisco Adaptive Security Appliance (ASA) Softwareadaptive_security_appliance
CWE ID-CWE-457
Use of Uninitialized Variable
CVE-2025-20212
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-7.7||HIGH
EPSS-0.39% / 59.69%
||
7 Day CHG~0.00%
Published-02 Apr, 2025 | 16:15
Updated-07 Apr, 2025 | 14:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series devices could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the Cisco AnyConnect service on an affected device. To exploit this vulnerability, the attacker must have valid VPN user credentials on the affected device. This vulnerability exists because a variable is not initialized when an SSL VPN session is established. An attacker could exploit this vulnerability by supplying crafted attributes while establishing an SSL VPN session with an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of the established SSL VPN sessions and forcing remote users to initiate a new VPN connection and reauthenticate. A sustained attack could prevent new SSL VPN connections from being established. Note: When the attack traffic stops, the Cisco AnyConnect VPN server recovers without manual intervention.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Meraki MX Firmware
CWE ID-CWE-457
Use of Uninitialized Variable
CVE-2025-20271
Matching Score-6
Assigner-Cisco Systems, Inc.
ShareView Details
Matching Score-6
Assigner-Cisco Systems, Inc.
CVSS Score-8.6||HIGH
EPSS-0.07% / 20.55%
||
7 Day CHG~0.00%
Published-18 Jun, 2025 | 16:38
Updated-23 Jun, 2025 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Cisco Meraki MX and Z Series AnyConnect VPN with Client Certificate Authentication Denial of Service Vulnerability

A vulnerability in the Cisco AnyConnect VPN server of Cisco Meraki MX and Cisco Meraki Z Series Teleworker Gateway devices could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition in the Cisco AnyConnect service on an affected device. This vulnerability is due to&nbsp;variable initialization errors when an SSL VPN session is established. An attacker could exploit this vulnerability by sending a sequence of crafted HTTPS requests to an affected device. A successful exploit could allow the attacker to cause the Cisco AnyConnect VPN server to restart, resulting in the failure of all established SSL VPN sessions and forcing remote users to initiate a new VPN connection and re-authenticate. A sustained attack could prevent new SSL VPN connections from being established, effectively making the Cisco AnyConnect VPN service unavailable for all legitimate users.

Action-Not Available
Vendor-Cisco Systems, Inc.
Product-Cisco Meraki MX Firmware
CWE ID-CWE-457
Use of Uninitialized Variable
  • Previous
  • 1
  • 2
  • Next
Details not found