CVE-2026-20083
Received Received - Intake
Denial of Service in Cisco IOS XE SCP Server via Malformed Request

Publication date: 2026-03-25

Last updated on: 2026-03-25

Assigner: Cisco Systems, Inc.

Description
A vulnerability in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of a malformed SCP request. An attacker could exploit this vulnerability by issuing a crafted command through SSH. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-25
Last Modified
2026-03-25
Generated
2026-06-16
AI Q&A
2026-03-25
EPSS Evaluated
2026-06-15
NVD
CVE-2026-20083
EUVD
EUVD-2026-15429
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cisco ios_xe_software *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-235 The product does not handle or incorrectly handles when the number of parameters, fields, or arguments with the same name exceeds the expected amount.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software. It allows an authenticated local attacker with low privileges to cause a denial of service (DoS) condition on the affected device.

The issue arises from improper handling of a malformed SCP request. An attacker can exploit this by sending a specially crafted command through SSH, which can cause the device to reload unexpectedly.

Impact Analysis

Exploiting this vulnerability can cause the affected Cisco device to reload unexpectedly, resulting in a denial of service (DoS) condition.

This means that network services relying on the device could be interrupted, potentially causing downtime and impacting availability.

Compliance Impact

This vulnerability causes a denial of service (DoS) condition by allowing an authenticated local attacker to cause the affected Cisco IOS XE device to reload unexpectedly. It does not impact confidentiality or integrity of data.

Since the vulnerability does not lead to data breach, data loss, or unauthorized data access, it does not directly affect compliance with standards focused on data protection such as GDPR or HIPAA.

However, the resulting service disruption from a DoS could impact availability requirements under such regulations, potentially affecting compliance if critical services are interrupted.

Organizations should consider the operational impact of this vulnerability on service availability when assessing compliance risks and apply recommended mitigations or updates accordingly.

Detection Guidance

This vulnerability can be detected by verifying if the SCP server feature is enabled on Cisco IOS XE devices.

  • Use the command `show running-config | include ip scp server enable` to check if the SCP server is enabled.
Mitigation Strategies

There is no direct workaround for this vulnerability, but immediate mitigation can be achieved by disabling the SCP server feature.

  • Disable the SCP server feature using the CLI command `no ip scp server enable` as a temporary mitigation.

Cisco strongly recommends upgrading to fixed software releases to fully remediate the vulnerability.

Administrators should evaluate the impact of disabling SCP in their environment before applying this mitigation, as it may affect network functionality.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-20083. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart