CVE-2026-20033
Received Received - Intake

Denial of Service via Ethernet Frame in Cisco Nexus 9000 OOB

Vulnerability report for CVE-2026-20033, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-02-25

Last updated on: 2026-02-25

Assigner: Cisco Systems, Inc.

Description

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation when processing specific Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to the management interface of an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. Note: Only the out-of-band (OOB) management interface is affected.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-02-25
Last Modified
2026-02-25
Generated
2026-07-06
AI Q&A
2026-02-25
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 2 associated CPEs
Vendor Product Version / Range
cisco nexus_9000_series_fabric_switches *
cisco nexus_9000_series_fabric_switches to 2026-02-01 (inc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-805 The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability affects Cisco Nexus 9000 Series Fabric Switches operating in ACI mode with an active out-of-band (OOB) management interface. It is caused by insufficient validation when processing specific crafted Ethernet frames sent to the OOB management interface.

An unauthenticated attacker who is adjacent at Layer 2 to the OOB management interface can exploit this flaw by sending a malicious Ethernet frame. This causes the affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.

Only the OOB management interface is affected, and the vulnerability does not impact confidentiality or integrity.

Impact Analysis

The primary impact of this vulnerability is a denial of service (DoS) condition on the affected Cisco Nexus 9000 Series Fabric Switches.

An attacker can cause the device to reload unexpectedly by sending a crafted Ethernet frame to the out-of-band management interface, which disrupts network operations and availability.

There is no impact on the confidentiality or integrity of data, but the availability of the device and network services relying on it can be severely affected.

Compliance Impact

I don't know

Detection Guidance

This vulnerability affects Cisco Nexus 9000 Series Fabric Switches operating in ACI mode with an active out-of-band (OOB) management interface. Detection involves verifying if your devices are running affected software versions and if the OOB management interface is configured and active.

Cisco provides a Software Checker tool to identify affected software versions and fixed releases, which can help detect vulnerable devices.

No specific commands to detect exploit attempts or crafted Ethernet frames are provided in the available resources.

Mitigation Strategies

The primary mitigation step is to upgrade affected Cisco Nexus 9000 Series Fabric Switches in ACI mode to the fixed software versions released by Cisco.

There are no workarounds available for this vulnerability.

Customers are advised to verify device configurations, ensure sufficient memory and compatibility before upgrading, and consult Cisco TAC or maintenance providers for assistance.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20033. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart