CVE-2025-20311
BaseFortify
Publication date: 2025-09-24
Last updated on: 2025-09-26
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | catalyst_9000_series_switches | * |
| cisco | catalyst_9300_series_switches | * |
| cisco | catalyst_9500_series_switches | * |
| cisco | ios_xe | 17.15.4 |
| cisco | catalyst_9200_series_switches | * |
| cisco | catalyst_9600_series_switches | * |
| cisco | meraki_ms390 | * |
| cisco | catalyst_9400_series_switches | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-19 |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Cisco IOS XE Software for Catalyst 9000 Series Switches where certain crafted Ethernet frames are improperly handled. An unauthenticated attacker who is adjacent to the network can send these specially crafted frames to the switch, causing the egress port to become blocked and drop all outbound traffic, leading to a denial of service (DoS) condition.
How can this vulnerability impact me? :
The impact of this vulnerability is a denial of service (DoS) condition on the affected switch's egress port. This means that the port will stop forwarding outbound traffic, potentially disrupting network connectivity and causing service outages for devices relying on that port.