Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability
CVE-2020-3552

7.4HIGH

Key Information:

Vendor
Cisco
Status
Cisco Aironet Access Point Software
Vendor
CVE Published:
24 September 2020

Badges

๐Ÿ‘พ Exploit Exists

Summary

A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device.

Affected Version(s)

Cisco Aironet Access Point Software

References

https://tools.cisco.com/security/center/content/CiscoSecu...
vendor-advisoryx_refsource_CISCO

CVSS V3.1

Score:
7.4
Severity:
HIGH
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • ๐Ÿ‘พ

    Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

.