Cisco Access Point Software Association Request Denial of Service Vulnerability
CVE-2023-20112

7.4HIGH

Key Information:

Vendor: Cisco
Status: Cisco Aironet Access Point Software
Vendor: CVE Published:; 23 March 2023

Badges

👾 Exploit Exists

What is CVE-2023-20112?

A vulnerability in the Cisco Access Point software allows unauthenticated adjacent attackers to trigger a denial of service (DoS) condition. This issue arises from inadequate validation of certain parameters within 802.11 association request frames. An attacker can exploit this vulnerability by sending a specially crafted wireless 802.11 association request to the affected device, potentially leading to an unexpected reload and subsequent DoS condition. For more details, refer to the Cisco Security Advisory.

Affected Version(s)

Cisco Aironet Access Point Software

References

https://sec.cloudapps.cisco.com/security/center/content/C...

vendor-advisory

CVSS V3.1

Score:

7.4

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

👾
Exploit known to exist
Oct 25, 2024
Vulnerability published
Mar 23, 2023
Vulnerability Reserved
Oct 27, 2022