Home

Description

A vulnerability in the Cisco Express Forwarding functionality of Cisco IOS XE Software for Cisco ASR 903 Aggregation Services Routers with Route Switch Processor 3 (RSP3C) could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper memory management when Cisco IOS XE Software is processing Address Resolution Protocol (ARP) messages. An attacker could exploit this vulnerability by sending crafted ARP messages at a high rate over a period of time to an affected device. A successful exploit could allow the attacker to exhaust system resources, which eventually triggers a reload of the active route switch processor (RSP). If a redundant RSP is not present, the router reloads.

PUBLISHED Reserved 2024-10-10 | Published 2025-05-07 | Updated 2025-05-07 | Assigner cisco




HIGH: 7.4CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Problem types

Mismatched Memory Management Routines

Product status

3.16.0S
affected

3.16.1S
affected

3.16.1aS
affected

3.16.2S
affected

3.16.2aS
affected

3.16.0cS
affected

3.16.3S
affected

3.16.2bS
affected

3.16.3aS
affected

3.16.4S
affected

3.16.4aS
affected

3.16.4bS
affected

3.16.5S
affected

3.16.4dS
affected

3.16.6S
affected

3.16.7S
affected

3.16.6bS
affected

3.16.7aS
affected

3.16.7bS
affected

3.16.8S
affected

3.16.9S
affected

3.16.10S
affected

3.17.0S
affected

3.17.1S
affected

3.17.2S
affected

3.17.1aS
affected

3.17.3S
affected

3.17.4S
affected

16.1.1
affected

16.1.2
affected

16.1.3
affected

16.2.1
affected

16.2.2
affected

16.3.1
affected

16.3.2
affected

16.3.3
affected

16.3.1a
affected

16.3.4
affected

16.3.5
affected

16.3.5b
affected

16.3.6
affected

16.3.7
affected

16.3.8
affected

16.3.9
affected

16.3.10
affected

16.3.11
affected

16.4.1
affected

16.4.2
affected

16.4.3
affected

16.5.1
affected

16.5.1a
affected

16.5.1b
affected

16.5.2
affected

16.5.3
affected

3.18.0aS
affected

3.18.0S
affected

3.18.1S
affected

3.18.2S
affected

3.18.3S
affected

3.18.4S
affected

3.18.0SP
affected

3.18.1SP
affected

3.18.1aSP
affected

3.18.1bSP
affected

3.18.1cSP
affected

3.18.2SP
affected

3.18.2aSP
affected

3.18.3SP
affected

3.18.4SP
affected

3.18.3aSP
affected

3.18.3bSP
affected

3.18.5SP
affected

3.18.6SP
affected

3.18.7SP
affected

3.18.8aSP
affected

3.18.9SP
affected

16.6.1
affected

16.6.2
affected

16.6.3
affected

16.6.4
affected

16.6.5
affected

16.6.4a
affected

16.6.5a
affected

16.6.6
affected

16.6.7
affected

16.6.8
affected

16.6.9
affected

16.6.10
affected

16.7.1
affected

16.7.1a
affected

16.7.1b
affected

16.7.2
affected

16.7.3
affected

16.7.4
affected

16.8.1
affected

16.8.1a
affected

16.8.1b
affected

16.8.1s
affected

16.8.1c
affected

16.8.1d
affected

16.8.2
affected

16.8.1e
affected

16.8.3
affected

16.9.1
affected

16.9.2
affected

16.9.1a
affected

16.9.1b
affected

16.9.1s
affected

16.9.3
affected

16.9.4
affected

16.9.3a
affected

16.9.5
affected

16.9.5f
affected

16.9.6
affected

16.9.7
affected

16.9.8
affected

16.10.1
affected

16.10.1a
affected

16.10.1b
affected

16.10.1s
affected

16.10.1c
affected

16.10.1e
affected

16.10.1d
affected

16.10.2
affected

16.10.1f
affected

16.10.1g
affected

16.10.3
affected

16.11.1
affected

16.11.1a
affected

16.11.1b
affected

16.11.2
affected

16.11.1s
affected

16.12.1
affected

16.12.1s
affected

16.12.1a
affected

16.12.1c
affected

16.12.1w
affected

16.12.2
affected

16.12.1y
affected

16.12.2a
affected

16.12.3
affected

16.12.8
affected

16.12.2s
affected

16.12.1x
affected

16.12.1t
affected

16.12.4
affected

16.12.3s
affected

16.12.3a
affected

16.12.4a
affected

16.12.5
affected

16.12.6
affected

16.12.1z1
affected

16.12.5a
affected

16.12.5b
affected

16.12.1z2
affected

16.12.6a
affected

16.12.7
affected

16.12.9
affected

16.12.10
affected

16.12.10a
affected

16.12.11
affected

16.12.12
affected

16.12.13
affected

17.1.1
affected

17.1.1a
affected

17.1.1s
affected

17.1.1t
affected

17.1.3
affected

17.2.1
affected

17.2.1r
affected

17.2.1a
affected

17.2.1v
affected

17.2.2
affected

17.2.3
affected

17.3.1
affected

17.3.2
affected

17.3.3
affected

17.3.1a
affected

17.3.1w
affected

17.3.2a
affected

17.3.1x
affected

17.3.1z
affected

17.3.4
affected

17.3.5
affected

17.3.4a
affected

17.3.6
affected

17.3.4b
affected

17.3.4c
affected

17.3.5a
affected

17.3.5b
affected

17.3.7
affected

17.3.8
affected

17.3.8a
affected

17.4.1
affected

17.4.2
affected

17.4.1a
affected

17.4.1b
affected

17.4.2a
affected

17.5.1
affected

17.5.1a
affected

17.6.1
affected

17.6.2
affected

17.6.1w
affected

17.6.1a
affected

17.6.1x
affected

17.6.3
affected

17.6.1y
affected

17.6.1z
affected

17.6.3a
affected

17.6.4
affected

17.6.1z1
affected

17.6.5
affected

17.6.6
affected

17.6.6a
affected

17.6.5a
affected

17.6.7
affected

17.6.8
affected

17.6.8a
affected

17.7.1
affected

17.7.1a
affected

17.7.1b
affected

17.7.2
affected

17.10.1
affected

17.10.1a
affected

17.10.1b
affected

17.8.1
affected

17.8.1a
affected

17.9.1
affected

17.9.1w
affected

17.9.2
affected

17.9.1a
affected

17.9.1x
affected

17.9.1y
affected

17.9.3
affected

17.9.2a
affected

17.9.1x1
affected

17.9.3a
affected

17.9.4
affected

17.9.1y1
affected

17.9.5
affected

17.9.4a
affected

17.9.5a
affected

17.9.5b
affected

17.9.6
affected

17.9.6a
affected

17.9.5e
affected

17.9.5f
affected

17.11.1
affected

17.11.1a
affected

17.12.1
affected

17.12.1w
affected

17.12.1x
affected

17.12.2
affected

17.12.3
affected

17.12.2a
affected

17.12.1y
affected

17.12.1z
affected

17.12.4
affected

17.12.3a
affected

17.12.1z1
affected

17.12.4a
affected

17.12.4b
affected

17.13.1
affected

17.13.1a
affected

17.14.1
affected

17.14.1a
affected

References

sec.cloudapps.cisco.com/...o-sa-asr903-rsp3-arp-dos-WmfzdvJZ (cisco-sa-asr903-rsp3-arp-dos-WmfzdvJZ)

cve.org (CVE-2025-20189)

nvd.nist.gov (CVE-2025-20189)

Download JSON