7.4

CVE-2025-20241

A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload.

This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device to reload, resulting in a denial of service (DoS) condition.
Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device.

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Vendor: Cisco
Product: Cisco NX-OS Software
Default status: unknown
Version 9.2(3)
Status affected
Version 7.0(3)I5(2)
Status affected
Version 6.0(2)A8(7a)
Status affected
Version 7.0(3)I4(5)
Status affected
Version 7.0(3)I4(6)
Status affected
Version 7.0(3)I4(3)
Status affected
Version 9.2(2v)
Status affected
Version 7.0(3)I4(7)
Status affected
Version 7.0(3)I4(1)
Status affected
Version 7.0(3)I4(8)
Status affected
Version 7.0(3)I4(2)
Status affected
Version 6.0(2)A8(11)
Status affected
Version 9.2(1)
Status affected
Version 9.2(2t)
Status affected
Version 9.2(3y)
Status affected
Version 7.0(3)I4(1t)
Status affected
Version 7.0(3)I7(6z)
Status affected
Version 9.3(2)
Status affected
Version 7.0(3)F3(3)
Status affected
Version 7.0(3)I7(3z)
Status affected
Version 7.0(3)IM7(2)
Status affected
Version 6.0(2)A8(11b)
Status affected
Version 7.0(3)I7(5a)
Status affected
Version 7.0(3)I6(1)
Status affected
Version 7.0(3)I5(3b)
Status affected
Version 9.2(4)
Status affected
Version 6.0(2)A8(10)
Status affected
Version 6.0(2)A8(2)
Status affected
Version 7.0(3)IC4(4)
Status affected
Version 7.0(3)F3(3c)
Status affected
Version 7.0(3)F3(1)
Status affected
Version 7.0(3)F3(5)
Status affected
Version 7.0(3)I7(2)
Status affected
Version 7.0(3)I5(3)
Status affected
Version 7.0(3)I7(3)
Status affected
Version 6.0(2)A8(6)
Status affected
Version 7.0(3)I6(2)
Status affected
Version 6.0(2)A8(5)
Status affected
Version 9.3(1)
Status affected
Version 6.0(2)A8(7)
Status affected
Version 7.0(3)I7(6)
Status affected
Version 6.0(2)A8(11a)
Status affected
Version 7.0(3)I4(8z)
Status affected
Version 7.0(3)I4(9)
Status affected
Version 7.0(3)I7(4)
Status affected
Version 7.0(3)I7(7)
Status affected
Version 6.0(2)A8(9)
Status affected
Version 6.0(2)A8(1)
Status affected
Version 6.0(2)A8(10a)
Status affected
Version 7.0(3)I5(1)
Status affected
Version 9.3(1z)
Status affected
Version 9.2(2)
Status affected
Version 7.0(3)F3(4)
Status affected
Version 7.0(3)I4(8b)
Status affected
Version 6.0(2)A8(3)
Status affected
Version 7.0(3)I4(6t)
Status affected
Version 7.0(3)I5(3a)
Status affected
Version 6.0(2)A8(8)
Status affected
Version 7.0(3)I7(5)
Status affected
Version 7.0(3)F3(3a)
Status affected
Version 6.0(2)A8(4)
Status affected
Version 7.0(3)I4(8a)
Status affected
Version 7.0(3)F3(2)
Status affected
Version 7.0(3)I4(4)
Status affected
Version 7.0(3)I7(1)
Status affected
Version 7.0(3)IA7(2)
Status affected
Version 7.0(3)IA7(1)
Status affected
Version 6.0(2)A8(7b)
Status affected
Version 6.0(2)A8(4a)
Status affected
Version 9.3(3)
Status affected
Version 7.0(3)I7(8)
Status affected
Version 9.3(4)
Status affected
Version 9.3(5)
Status affected
Version 7.0(3)I7(9)
Status affected
Version 9.3(6)
Status affected
Version 10.1(2)
Status affected
Version 10.1(1)
Status affected
Version 9.3(5w)
Status affected
Version 9.3(7)
Status affected
Version 9.3(7k)
Status affected
Version 7.0(3)I7(9w)
Status affected
Version 10.2(1)
Status affected
Version 9.3(7a)
Status affected
Version 9.3(8)
Status affected
Version 7.0(3)I7(10)
Status affected
Version 10.2(1q)
Status affected
Version 10.2(2)
Status affected
Version 9.3(9)
Status affected
Version 10.1(2t)
Status affected
Version 10.2(3)
Status affected
Version 10.2(3t)
Status affected
Version 9.3(10)
Status affected
Version 10.2(2a)
Status affected
Version 10.3(1)
Status affected
Version 10.2(4)
Status affected
Version 10.3(2)
Status affected
Version 9.3(11)
Status affected
Version 10.3(3)
Status affected
Version 10.2(5)
Status affected
Version 9.3(12)
Status affected
Version 10.2(3v)
Status affected
Version 10.4(1)
Status affected
Version 10.3(99w)
Status affected
Version 10.2(6)
Status affected
Version 10.3(3w)
Status affected
Version 10.3(99x)
Status affected
Version 10.3(3o)
Status affected
Version 10.3(4)
Status affected
Version 10.3(3p)
Status affected
Version 10.3(4a)
Status affected
Version 10.4(2)
Status affected
Version 10.3(3q)
Status affected
Version 9.3(13)
Status affected
Version 10.3(5)
Status affected
Version 10.2(7)
Status affected
Version 10.4(3)
Status affected
Version 10.3(3x)
Status affected
Version 10.3(4g)
Status affected
Version 10.5(1)
Status affected
Version 10.2(8)
Status affected
Version 10.3(3r)
Status affected
Version 10.3(6)
Status affected
Version 9.3(14)
Status affected
Version 10.4(4)
Status affected
Version 10.3(4h)
Status affected
Version 10.5(2)
Status affected
Version 10.4(4g)
Status affected
No CISA KEV entry or CERT.AT warning was found for this CVE.
EPSS metrics
Type | Source | Score | Percentile
EPSS | FIRST.org | 0.06% | 0.199
CVSS metrics
Source | Base Score | Exploit Score | Impact Score | Vector String
psirt@cisco.com | 7.4 | 2.8 | 4 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CWE-733 Compiler Optimization Removal or Modification of Security-critical Code

The developer builds a security-critical protection mechanism into the software, but the compiler optimizes the program such that the mechanism is removed or modified.