CVE-2025-20365
BaseFortify
Publication date: 2025-09-24
Last updated on: 2025-09-24
Assigner: Cisco Systems, Inc.
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | access_point_software | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-940 | The product establishes a communication channel to handle an incoming request that has been initiated by an actor, but it does not properly verify that the request is coming from the expected origin. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the IPv6 Router Advertisement (RA) packet processing of Cisco Access Point Software. It allows an unauthenticated, adjacent attacker to modify the IPv6 gateway on an affected device by exploiting a logic error when processing IPv6 RA packets received from wireless clients. The attacker can associate with the wireless network and send crafted IPv6 RA packets to temporarily change the IPv6 gateway.
How can this vulnerability impact me?
Exploiting this vulnerability could allow an attacker to temporarily change the IPv6 gateway of the affected device, which may cause intermittent packet loss for wireless clients connected to that device. This could disrupt network connectivity and degrade the user experience.