CVE-2024-20354

MEDIUM

Cisco WLC 8.5.171.0-8.5.182.0 & IOS XE 16.12.4a-17.0.0 DoS via Malformed Frames

Title source: llm

Description

A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. This vulnerability is due to incomplete cleanup of resources when dropping certain malformed frames. An attacker could exploit this vulnerability by connecting as a wireless client to an affected AP and sending specific malformed frames over the wireless connection. A successful exploit could allow the attacker to cause degradation of service to other clients, which could potentially lead to a complete DoS condition.

References (1)

Core 1

Core References

Vendor Advisory

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-airo-ap-dos-PPPtcVW

Scores

CVSS v3 4.7

EPSS 0.0004

EPSS Percentile 12.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-460

Status published

Products (2)

cisco/ios_xe 16.12.4a - 17.1.0

cisco/wireless_lan_controller_software 8.5.171.0 - 8.6.0.0

Published Mar 27, 2024

Tracked Since Feb 18, 2026