CVE-2026-20010
Denial of Service via LLDP Frame Handling in Cisco NX-OS
Publication date: 2026-02-25
Last updated on: 2026-02-25
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | nx-os_software | * |
| cisco | nx-os | * |
| cisco | nexus_3000_series_switches | * |
| cisco | nexus_9000_series_fabric_switches | * |
| cisco | ucs_x-series_direct_fabric_interconnects_9108_100g | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-805 | The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Link Layer Discovery Protocol (LLDP) feature of Cisco NX-OS Software. It allows an unauthenticated attacker who is physically or logically adjacent to the affected device to send a specially crafted LLDP packet that causes the LLDP process to restart.
The improper handling of specific fields in an LLDP frame triggers this issue, which can lead to the device unexpectedly reloading.
Exploitation requires the attacker to be directly connected to an interface on the vulnerable device, either physically or through a Layer 2 tunnel that transports LLDP.
How can this vulnerability impact me? :
A successful exploit of this vulnerability can cause the affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This means network availability can be disrupted, potentially impacting business operations that rely on the affected Cisco NX-OS devices.
Since the vulnerability requires no privileges or user interaction and has low attack complexity, it poses a significant risk to network stability where LLDP is enabled.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by verifying the LLDP feature status and checking LLDP interfaces on affected Cisco NX-OS devices.
- Use the command `show feature | include lldp` to verify if the LLDP feature is enabled.
- Use the command `show lldp interface ethernet module/interface` to check LLDP status on specific interfaces.
What immediate steps should I take to mitigate this vulnerability?
There are no workarounds to mitigate this vulnerability. Cisco strongly recommends upgrading to fixed software releases as the immediate step to mitigate the risk.
It is important to consult the Cisco advisory for recommended fixed releases, ensure hardware and software compatibility, and contact Cisco TAC for assistance if needed.