CVE-2026-20086
Denial of Service via Malformed CAPWAP Packets in Cisco CW
Publication date: 2026-03-25
Last updated on: 2026-03-25
Assigner: Cisco Systems, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| cisco | ios_xe_wireless_controller_software | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-230 | The product does not handle or incorrectly handles when a parameter, field, or argument name is specified, but the associated value is missing, i.e. it is empty, blank, or null. |
Attack-Flow Graph
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by using Ciscoβs Software Checker tool, which helps determine exposure and identify fixed software releases for affected devices.
No specific commands for manual detection or network scanning are provided in the available resources.
What immediate steps should I take to mitigate this vulnerability?
The only remediation for this vulnerability is to upgrade to the fixed software releases provided by Cisco for the Catalyst CW9800 Family Wireless Controllers.
No workarounds are available to mitigate this vulnerability.
Customers should ensure their devices have sufficient memory and compatibility before upgrading and may contact Cisco TAC for assistance or entitlement to free upgrades if they have valid licenses.
Can you explain this vulnerability to me?
This vulnerability exists in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) packets in Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family.
It is caused by improper handling of malformed CAPWAP packets, which allows an unauthenticated, remote attacker to send such malformed packets to the device.
Exploiting this vulnerability can cause the affected device to reload unexpectedly, leading to a denial of service (DoS) condition.
How can this vulnerability impact me? :
The primary impact of this vulnerability is a denial of service (DoS) condition on the affected device.
An attacker can remotely and without authentication cause the device to reload unexpectedly by sending a malformed CAPWAP packet.
This unexpected reload can disrupt network availability and connectivity, potentially affecting business operations that rely on the wireless controller.