Description
A vulnerability in the Cisco Express Forwarding functionality of Cisco IOS XE Software for Cisco ASR 903 Aggregation Services Routers with Route Switch Processor 3 (RSP3C) could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition.
This vulnerability is due to improper memory management when Cisco IOS XE Software is processing Address Resolution Protocol (ARP) messages. An attacker could exploit this vulnerability by sending crafted ARP messages at a high rate over a period of time to an affected device. A successful exploit could allow the attacker to exhaust system resources, which eventually triggers a reload of the active route switch processor (RSP). If a redundant RSP is not present, the router reloads.
Reserved 2024-10-10 | Published 2025-05-07 | Updated 2025-05-07 | Assigner: cisco
HIGH: 7.4 | CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Problem types
Mismatched Memory Management Routines
Product status
All versions listed below have the status "affected":
3.16.0S, 3.16.1S, 3.16.1aS, 3.16.2S, 3.16.2aS, 3.16.0cS, 3.16.3S, 3.16.2bS, 3.16.3aS, 3.16.4S, 3.16.4aS, 3.16.4bS, 3.16.5S, 3.16.4dS, 3.16.6S, 3.16.7S, 3.16.6bS, 3.16.7aS, 3.16.7bS, 3.16.8S, 3.16.9S, 3.16.10S
3.17.0S, 3.17.1S, 3.17.2S, 3.17.1aS, 3.17.3S, 3.17.4S
16.1.1, 16.1.2, 16.1.3
16.2.1, 16.2.2
16.3.1, 16.3.2, 16.3.3, 16.3.1a, 16.3.4, 16.3.5, 16.3.5b, 16.3.6, 16.3.7, 16.3.8, 16.3.9, 16.3.10, 16.3.11
16.4.1, 16.4.2, 16.4.3
16.5.1, 16.5.1a, 16.5.1b, 16.5.2, 16.5.3
3.18.0aS, 3.18.0S, 3.18.1S, 3.18.2S, 3.18.3S, 3.18.4S, 3.18.0SP, 3.18.1SP, 3.18.1aSP, 3.18.1bSP, 3.18.1cSP, 3.18.2SP, 3.18.2aSP, 3.18.3SP, 3.18.4SP, 3.18.3aSP, 3.18.3bSP, 3.18.5SP, 3.18.6SP, 3.18.7SP, 3.18.8aSP, 3.18.9SP
16.6.1, 16.6.2, 16.6.3, 16.6.4, 16.6.5, 16.6.4a, 16.6.5a, 16.6.6, 16.6.7, 16.6.8, 16.6.9, 16.6.10
16.7.1, 16.7.1a, 16.7.1b, 16.7.2, 16.7.3, 16.7.4
16.8.1, 16.8.1a, 16.8.1b, 16.8.1s, 16.8.1c, 16.8.1d, 16.8.2, 16.8.1e, 16.8.3
16.9.1, 16.9.2, 16.9.1a, 16.9.1b, 16.9.1s, 16.9.3, 16.9.4, 16.9.3a, 16.9.5, 16.9.5f, 16.9.6, 16.9.7, 16.9.8
16.10.1, 16.10.1a, 16.10.1b, 16.10.1s, 16.10.1c, 16.10.1e, 16.10.1d, 16.10.2, 16.10.1f, 16.10.1g, 16.10.3
16.11.1, 16.11.1a, 16.11.1b, 16.11.2, 16.11.1s
16.12.1, 16.12.1s, 16.12.1a, 16.12.1c, 16.12.1w, 16.12.2, 16.12.1y, 16.12.2a, 16.12.3, 16.12.8, 16.12.2s, 16.12.1x, 16.12.1t, 16.12.4, 16.12.3s, 16.12.3a, 16.12.4a, 16.12.5, 16.12.6, 16.12.1z1, 16.12.5a, 16.12.5b, 16.12.1z2, 16.12.6a, 16.12.7, 16.12.9, 16.12.10, 16.12.10a, 16.12.11, 16.12.12, 16.12.13
17.1.1, 17.1.1a, 17.1.1s, 17.1.1t, 17.1.3
17.2.1, 17.2.1r, 17.2.1a, 17.2.1v, 17.2.2, 17.2.3
17.3.1, 17.3.2, 17.3.3, 17.3.1a, 17.3.1w, 17.3.2a, 17.3.1x, 17.3.1z, 17.3.4, 17.3.5, 17.3.4a, 17.3.6, 17.3.4b, 17.3.4c, 17.3.5a, 17.3.5b, 17.3.7, 17.3.8, 17.3.8a
17.4.1, 17.4.2, 17.4.1a, 17.4.1b, 17.4.2a
17.5.1, 17.5.1a
17.6.1, 17.6.2, 17.6.1w, 17.6.1a, 17.6.1x, 17.6.3, 17.6.1y, 17.6.1z, 17.6.3a, 17.6.4, 17.6.1z1, 17.6.5, 17.6.6, 17.6.6a, 17.6.5a, 17.6.7, 17.6.8, 17.6.8a
17.7.1, 17.7.1a, 17.7.1b, 17.7.2
17.10.1, 17.10.1a, 17.10.1b
17.8.1, 17.8.1a
17.9.1, 17.9.1w, 17.9.2, 17.9.1a, 17.9.1x, 17.9.1y, 17.9.3, 17.9.2a, 17.9.1x1, 17.9.3a, 17.9.4, 17.9.1y1, 17.9.5, 17.9.4a, 17.9.5a, 17.9.5b, 17.9.6, 17.9.6a, 17.9.5e, 17.9.5f
17.11.1, 17.11.1a
17.12.1, 17.12.1w, 17.12.1x, 17.12.2, 17.12.3, 17.12.2a, 17.12.1y, 17.12.1z, 17.12.4, 17.12.3a, 17.12.1z1, 17.12.4a, 17.12.4b
17.13.1, 17.13.1a
17.14.1, 17.14.1a
References
sec.cloudapps.cisco.com/...o-sa-asr903-rsp3-arp-dos-WmfzdvJZ (cisco-sa-asr903-rsp3-arp-dos-WmfzdvJZ)
cve.org (CVE-2025-20189)
nvd.nist.gov (CVE-2025-20189)