CVE-2026-20083
Denial of Service in Cisco IOS XE SCP Server via Malformed Request
Publication date: 2026-03-25
Last updated on: 2026-03-25
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | ios_xe_software | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-235 | The product does not handle or incorrectly handles when the number of parameters, fields, or arguments with the same name exceeds the expected amount. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability causes a denial of service (DoS) condition by allowing an authenticated local attacker to cause the affected Cisco IOS XE device to reload unexpectedly. It does not impact confidentiality or integrity of data.
Since the vulnerability does not lead to data breach, data loss, or unauthorized data access, it does not directly affect compliance with standards focused on data protection such as GDPR or HIPAA.
However, the resulting service disruption from a DoS could impact availability requirements under such regulations, potentially affecting compliance if critical services are interrupted.
Organizations should consider the operational impact of this vulnerability on service availability when assessing compliance risks and apply recommended mitigations or updates accordingly.
Can you explain this vulnerability to me?
This vulnerability exists in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software. It allows an authenticated local attacker with low privileges to cause a denial of service (DoS) condition on the affected device.
The issue arises from improper handling of a malformed SCP request. An attacker can exploit this by sending a specially crafted command through SSH, which can cause the device to reload unexpectedly.
How can this vulnerability impact me? :
Exploiting this vulnerability can cause the affected Cisco device to reload unexpectedly, resulting in a denial of service (DoS) condition.
This means that network services relying on the device could be interrupted, potentially causing downtime and impacting availability.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by verifying if the SCP server feature is enabled on Cisco IOS XE devices.
- Use the command `show running-config | include ip scp server enable` to check if the SCP server is enabled.
What immediate steps should I take to mitigate this vulnerability?
There is no direct workaround for this vulnerability, but immediate mitigation can be achieved by disabling the SCP server feature.
- Disable the SCP server feature using the CLI command `no ip scp server enable` as a temporary mitigation.
Cisco strongly recommends upgrading to fixed software releases to fully remediate the vulnerability.
Administrators should evaluate the impact of disabling SCP in their environment before applying this mitigation, as it may affect network functionality.