[CIVN-2025-0227] Denial of Service Vulnerability in CISCO

Published On: September 26, 2025

Indian – Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: HIGH
Systems Affected
1100 Integrated Services Routers
4000 Series Integrated Services Routers
ASR 920 Series Aggregation Services Routers
ASR 1000 Series Aggregation Services Routers
Catalyst 1101 Rugged Routers
Catalyst 8000V Edge Software
Catalyst 8200 Series Edge Platforms
Catalyst 8300 Series Edge Platforms
Catalyst 8500 Edge Platforms
Catalyst 8500L Edge Platforms
Catalyst IR8300 Rugged Series Routers
Overview
A vulnerability has been reported in the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software that could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.
Target Audience: 
All IT administrators and individuals responsible for maintaining and updating the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software.
Risk Assessment:
High risk of data manipulation and service disruption.
Impact Assessment:
Potential impact on confidentiality, integrity, and availability of the system.
Description
This vulnerability exists due to improper handling of malformed Control and Provisioning of Wireless Access Points (CAPWAP) packets. An attacker could exploit this vulnerability by sending malformed CAPWAP packets through an affected device.
Successful exploitation of this vulnerability could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.
Solution
Apply appropriate updates as mentioned in the Cisco advisory:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nbar-dos-LAvwTmeT
Vendor Information
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nbar-dos-LAvwTmeT
References
CISCO
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nbar-dos-LAvwTmeT
CVE Name
CVE-2025-20315
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax : 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003