CVE-2026-20004

HIGH

Cisco IOS XE Software 16.9.1-16.9.7 - Unauthenticated Denial of Service via TLS Connection Memory Exhaustion

Title source: llm

Description

A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected device. This vulnerability is due to improper management of memory resources during TLS connection setup. An attacker could exploit this vulnerability by repeatedly triggering the conditions that cause the memory increase. This could be done in a variety of ways, such as by repeatedly attempting Extensible Authentication Protocol (EAP) authentication when local EAP is enabled on an affected device or by using a machine-in-the-middle attack and resetting TLS connections between the affected device and other devices. A successful exploit could allow the attacker to exhaust the available memory on an affected device, resulting in an unexpected reload and a denial of service (DoS) condition.

References (1)

Core 1

Core References

cisco-sa-iosxe-tls-dos-TVgLDEZL

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-tls-dos-TVgLDEZL

Scores

CVSS v3 7.4

EPSS 0.0006

EPSS Percentile 17.7%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-771

Status published

Products (50)

Cisco/Cisco IOS XE Software 16.10.1

Cisco/Cisco IOS XE Software 16.10.1a

Cisco/Cisco IOS XE Software 16.10.1b

Cisco/Cisco IOS XE Software 16.10.1c

Cisco/Cisco IOS XE Software 16.10.1d

Cisco/Cisco IOS XE Software 16.10.1e

Cisco/Cisco IOS XE Software 16.10.1f

Cisco/Cisco IOS XE Software 16.10.1g

Cisco/Cisco IOS XE Software 16.10.1s

Cisco/Cisco IOS XE Software 16.10.2

... and 40 more

Published Mar 25, 2026

Tracked Since Mar 25, 2026