—–BEGIN PGP SIGNED MESSAGE—–

Hash: SHA256

Denial of Service Vulnerability in CISCO 

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)

Severity Rating: HIGH

Systems Affected

Nexus 3000 Series Switches

Nexus 9000 Series Fabric Switches in ACI mode

Nexus 9000 Series Switches in standalone NX-OS mode

UCS X-Series Direct Fabric Interconnects 9108 100G

Overview

A vulnerability has been reported the Link Layer Discovery Protocol (LLDP) feature of Cisco NX-OS Software could allow unauthenticated, adjacent attacker to cause the LLDP process to restart, which could cause an affected device to reload unexpectedly.

Target Audience: 

All IT administrators and individuals responsible for maintaining and updating in Software.

Risk Assessment:

High risk of data manipulation and service disruption.

Impact Assessment:

Potential impact on confidentiality, integrity, and availability of the system.

Description

This vulnerability exists due to improper handling of specific fields in an LLDP frame. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface of an affected device.

Successful exploitation of this vulnerability could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition.

Note: LLDP is a Layer 2 link protocol. To exploit this vulnerability, an attacker would need to be directly connected to an interface of an affected device, either physically or logically (for example, through a Layer 2 Tunnel configured to transport the LLDP protocol).

Solution

Apply appropriate updates as mentioned in Cisco Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k_aci_lldp_dos-NdgRrrA3

Vendor Information

CISCO

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k_aci_lldp_dos-NdgRrrA3

References

CISCO

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k_aci_lldp_dos-NdgRrrA3

CVE Name

CVE-2026-20010

 

– —

Thanks and Regards,

CERT-In

Incident Response Help Desk

e-mail: incident@cert-in.org.in

Phone: +91-11-22902657

Toll Free Number: 1800-11-4949

Toll Free Fax : 1800-11-6969

Web: http://www.cert-in.org.in

PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4

PGP Key information:

https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS

Postal address:

Indian Computer Emergency Response Team (CERT-In)

Ministry of Electronics and Information Technology

Government of India

Electronics Niketan

6, C.G.O. Complex

New Delhi-110 003

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCAAdFiEE6r4Iam/Ey0c/KakL3jCgcSdcys8FAmmhrKAACgkQ3jCgcSdc

ys+LMxAAjH1j1QQCVBtgFdEXvgAKaQxXycltWW9Tg/ayGTD2T33LLxzvtw5iheWk

qKZnYk6vfB1xrwsjM6rd53k+wS//HvgFPc2h2SY1kgUiyDJ7Au8CtEkjAezzLYbq

cSBVuZZdc24sKLZPQO0X/yPaadCEqx3oJ+sRBoZ13y+a/WfFUaXvd6zoXI5OeWT4

ujUO/0cIwASw3QtsRf6CoQoWH/feEsy2Wy75XMW8R+IL+Wdoy4XniYCLQaTp5m6G

VhJgzCaFxN1/yOomEWQyTmBv6GZ1PmxQtkOvUQxR/p7oqHmwi9VZqbUGgrGrleXs

BeJUNtljlik/rFNYK54HS+Gp5/rmZd0jYqnFABFBEtD5M3vC19WGyo1hA+jmFjI8

3zJ5aM2tzmpYSj1N4qXbw7Cdjnl1uqjWXtwNOhnXaDWbmfuPOORmJRDnn9hf03Xp

9LVSsc94cJQku92PuIBgyeiLR0ilJGPuoM6/aM18DhD/j8DIBeZ6UUC7jUAEtkhN

66iNOX83QTM2QcyS4/7ohZPxcqIpjJ9S9KgaB4Hq0AnbpwMhfXxulVWOh4EYpAxS

p9ppUtZmbdhRPIyY//8fY6Hk5omkivisD2425mYNsalXdJKfWW+4uPEaoqmonj4b

9FFYtMFMYoN8IlAnxAzuBdFuHYyFLB+F2rdhnJ7UpnbF71Bj/aI=

=hF58

—–END PGP SIGNATURE—–