CVE-2026-20033
Denial of Service via Ethernet Frame in Cisco Nexus 9000 OOB
Publication date: 2026-02-25
Last updated on: 2026-02-25
Assigner: Cisco Systems, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | nexus_9000_series_fabric_switches | * |
| cisco | nexus_9000_series_fabric_switches | to 2026-02-01 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-805 | The product uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability affects Cisco Nexus 9000 Series Fabric Switches operating in ACI mode with an active out-of-band (OOB) management interface. It is caused by insufficient validation when processing specific crafted Ethernet frames sent to the OOB management interface.
An unauthenticated attacker who is adjacent at Layer 2 to the OOB management interface can exploit this flaw by sending a malicious Ethernet frame. This causes the affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.
Only the OOB management interface is affected, and the vulnerability does not impact confidentiality or integrity.
How can this vulnerability impact me?
The primary impact of this vulnerability is a denial of service (DoS) condition on the affected Cisco Nexus 9000 Series Fabric Switches.
An attacker can cause the device to reload unexpectedly by sending a crafted Ethernet frame to the out-of-band management interface, which disrupts network operations and availability.
There is no impact on the confidentiality or integrity of data, but the availability of the device and network services relying on it can be severely affected.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability affects Cisco Nexus 9000 Series Fabric Switches operating in ACI mode with an active out-of-band (OOB) management interface. Detection involves verifying if your devices are running affected software versions and if the OOB management interface is configured and active.
Cisco provides a Software Checker tool to identify affected software versions and fixed releases, which can help detect vulnerable devices.
No specific commands to detect exploit attempts or crafted Ethernet frames are provided in the available resources.
What immediate steps should I take to mitigate this vulnerability?
The primary mitigation step is to upgrade affected Cisco Nexus 9000 Series Fabric Switches in ACI mode to the fixed software versions released by Cisco.
There are no workarounds available for this vulnerability.
Customers are advised to verify device configurations, ensure sufficient memory and compatibility before upgrading, and consult Cisco TAC or maintenance providers for assistance.