CVE-2026-20033
Received Received - Intake
Denial of Service via Ethernet Frame in Cisco Nexus 9000 OOB

Publication date: 2026-02-25

Last updated on: 2026-02-25

Assigner: Cisco Systems, Inc.

Description
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation when processing specific Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to the management interface of an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. Note: Only the out-of-band (OOB) management interface is affected.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-25
Last Modified
2026-02-25
Generated
2026-06-16
AI Q&A
2026-02-25
EPSS Evaluated
2026-06-15
NVD
CVE-2026-20033
EUVD
EUVD-2026-8665
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
cisco nexus_9000_series_fabric_switches *
cisco nexus_9000_series_fabric_switches to 2026-02-01 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-805 The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability affects Cisco Nexus 9000 Series Fabric Switches operating in ACI mode with an active out-of-band (OOB) management interface. It is caused by insufficient validation when processing specific crafted Ethernet frames sent to the OOB management interface.

An unauthenticated attacker who is adjacent at Layer 2 to the OOB management interface can exploit this flaw by sending a malicious Ethernet frame. This causes the affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.

Only the OOB management interface is affected, and the vulnerability does not impact confidentiality or integrity.

Impact Analysis

The primary impact of this vulnerability is a denial of service (DoS) condition on the affected Cisco Nexus 9000 Series Fabric Switches.

An attacker can cause the device to reload unexpectedly by sending a crafted Ethernet frame to the out-of-band management interface, which disrupts network operations and availability.

There is no impact on the confidentiality or integrity of data, but the availability of the device and network services relying on it can be severely affected.

Compliance Impact

I don't know

Detection Guidance

This vulnerability affects Cisco Nexus 9000 Series Fabric Switches operating in ACI mode with an active out-of-band (OOB) management interface. Detection involves verifying if your devices are running affected software versions and if the OOB management interface is configured and active.

Cisco provides a Software Checker tool to identify affected software versions and fixed releases, which can help detect vulnerable devices.

No specific commands to detect exploit attempts or crafted Ethernet frames are provided in the available resources.

Mitigation Strategies

The primary mitigation step is to upgrade affected Cisco Nexus 9000 Series Fabric Switches in ACI mode to the fixed software versions released by Cisco.

There are no workarounds available for this vulnerability.

Customers are advised to verify device configurations, ensure sufficient memory and compatibility before upgrading, and consult Cisco TAC or maintenance providers for assistance.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20033. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart