CVE-2025-20315
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-09-24
Last updated on: 2025-09-26
Assigner: Cisco Systems, Inc.
Description
Description
A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, causing a denial of service (DoS) condition.
This vulnerability is due to improper handling of malformed Control and Provisioning of Wireless Access Points (CAPWAP) packets. An attacker could exploit this vulnerability by sending malformed CAPWAP packets through an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | ios_xe | 1100 |
| cisco | ios_xe | catalyst_8300 |
| cisco | ios_xe | catalyst_8500l |
| cisco | ios_xe | catalyst_ir8300 |
| cisco | ios_xe | asr_920 |
| cisco | ios_xe | catalyst_8000v |
| cisco | ios_xe | 1000 |
| cisco | ios_xe | catalyst_8200 |
| cisco | ios_xe | catalyst_8500 |
| cisco | ios_xe | 4000 |
| cisco | ios_xe | * |
| cisco | ios_xe | catalyst_1101 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-805 | The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer. |
