CVE-2025-20315 | THREATINT

Description

A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, causing a denial of service (DoS) condition. This vulnerability is due to improper handling of malformed Control and Provisioning of Wireless Access Points (CAPWAP) packets. An attacker could exploit this vulnerability by sending malformed CAPWAP packets through an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.

PUBLISHED Reserved 2024-10-10 | Published 2025-09-24 | Updated 2025-09-24 | Assigner cisco

HIGH: 8.6CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Problem types

Buffer Access with Incorrect Length Value

Product status

3.7.0S

affected

3.7.1S

affected

3.7.2S

affected

3.7.3S

affected

3.7.4S

affected

3.7.5S

affected

3.7.6S

affected

3.7.7S

affected

3.7.4aS

affected

3.7.2tS

affected

3.7.0bS

affected

3.7.1aS

affected

3.8.0S

affected

3.8.1S

affected

3.8.2S

affected

3.9.1S

affected

3.9.0S

affected

3.9.2S

affected

3.9.1aS

affected

3.9.0aS

affected

3.11.1S

affected

3.11.2S

affected

3.11.0S

affected

3.11.3S

affected

3.11.4S

affected

3.12.0S

affected

3.12.1S

affected

3.12.2S

affected

3.12.3S

affected

3.12.0aS

affected

3.12.4S

affected

3.13.0S

affected

3.13.1S

affected

3.13.2S

affected

3.13.3S

affected

3.13.4S

affected

3.13.5S

affected

3.13.2aS

affected

3.13.0aS

affected

3.13.5aS

affected

3.13.6S

affected

3.13.7S

affected

3.13.6aS

affected

3.13.7aS

affected

3.13.8S

affected

3.13.9S

affected

3.13.10S

affected

3.14.0S

affected

3.14.1S

affected

3.14.2S

affected

3.14.3S

affected

3.14.4S

affected

3.15.0S

affected

3.15.1S

affected

3.15.2S

affected

3.15.1cS

affected

3.15.3S

affected

3.15.4S

affected

3.16.0S

affected

3.16.1S

affected

3.16.1aS

affected

3.16.2S

affected

3.16.2aS

affected

3.16.0cS

affected

3.16.3S

affected

3.16.2bS

affected

3.16.3aS

affected

3.16.4S

affected

3.16.4aS

affected

3.16.4bS

affected

3.16.5S

affected

3.16.4dS

affected

3.16.6S

affected

3.16.7S

affected

3.16.6bS

affected

3.16.7aS

affected

3.16.7bS

affected

3.16.8S

affected

3.16.9S

affected

3.16.10S

affected

3.17.0S

affected

3.17.1S

affected

3.17.2S

affected

3.17.1aS

affected

3.17.3S

affected

3.17.4S

affected

16.1.1

affected

16.1.2

affected

16.1.3

affected

16.2.1

affected

16.2.2

affected

16.3.1

affected

16.3.2

affected

16.3.3

affected

16.3.1a

affected

16.3.4

affected

16.3.5

affected

16.3.5b

affected

16.3.6

affected

16.3.7

affected

16.3.8

affected

16.3.9

affected

16.3.10

affected

16.3.11

affected

16.4.1

affected

16.4.2

affected

16.4.3

affected

16.5.1

affected

16.5.1a

affected

16.5.1b

affected

16.5.2

affected

16.5.3

affected

3.18.0aS

affected

3.18.0S

affected

3.18.1S

affected

3.18.2S

affected

3.18.3S

affected

3.18.4S

affected

3.18.0SP

affected

3.18.1SP

affected

3.18.1aSP

affected

3.18.1bSP

affected

3.18.1cSP

affected

3.18.2SP

affected

3.18.2aSP

affected

3.18.3SP

affected

3.18.4SP

affected

3.18.3aSP

affected

3.18.3bSP

affected

3.18.5SP

affected

3.18.6SP

affected

3.18.7SP

affected

3.18.8aSP

affected

3.18.9SP

affected

16.6.1

affected

16.6.2

affected

16.6.3

affected

16.6.4

affected

16.6.5

affected

16.6.4a

affected

16.6.5a

affected

16.6.6

affected

16.6.7

affected

16.6.8

affected

16.6.9

affected

16.6.10

affected

16.7.1

affected

16.7.1a

affected

16.7.1b

affected

16.7.2

affected

16.7.3

affected

16.7.4

affected

16.8.1

affected

16.8.1a

affected

16.8.1b

affected

16.8.1s

affected

16.8.1c

affected

16.8.1d

affected

16.8.2

affected

16.8.1e

affected

16.8.3

affected

16.9.1

affected

16.9.2

affected

16.9.1a

affected

16.9.1b

affected

16.9.1s

affected

16.9.3

affected

16.9.4

affected

16.9.3a

affected

16.9.5

affected

16.9.5f

affected

16.9.6

affected

16.9.7

affected

16.9.8

affected

16.10.1

affected

16.10.1a

affected

16.10.1b

affected

16.10.1s

affected

16.10.1c

affected

16.10.1e

affected

16.10.1d

affected

16.10.2

affected

16.10.1f

affected

16.10.1g

affected

16.10.3

affected

16.11.1

affected

16.11.1a

affected

16.11.1b

affected

16.11.2

affected

16.11.1s

affected

16.12.1

affected

16.12.1s

affected

16.12.1a

affected

16.12.1c

affected

16.12.1w

affected

16.12.2

affected

16.12.1y

affected

16.12.2a

affected

16.12.3

affected

16.12.8

affected

16.12.2s

affected

16.12.1x

affected

16.12.1t

affected

16.12.4

affected

16.12.3s

affected

16.12.3a

affected

16.12.4a

affected

16.12.5

affected

16.12.6

affected

16.12.1z1

affected

16.12.5a

affected

16.12.5b

affected

16.12.1z2

affected

16.12.6a

affected

16.12.7

affected

16.12.9

affected

16.12.10

affected

16.12.10a

affected

16.12.11

affected

16.12.12

affected

16.12.13

affected

17.1.1

affected

17.1.1a

affected

17.1.1s

affected

17.1.1t

affected

17.1.3

affected

17.2.1

affected

17.2.1r

affected

17.2.1a

affected

17.2.1v

affected

17.2.2

affected

17.2.3

affected

17.3.1

affected

17.3.2

affected

17.3.3

affected

17.3.1a

affected

17.3.1w

affected

17.3.2a

affected

17.3.1x

affected

17.3.1z

affected

17.3.4

affected

17.3.5

affected

17.3.4a

affected

17.3.6

affected

17.3.4b

affected

17.3.4c

affected

17.3.5a

affected

17.3.5b

affected

17.3.7

affected

17.3.8

affected

17.3.8a

affected

17.4.1

affected

17.4.2

affected

17.4.1a

affected

17.4.1b

affected

17.4.2a

affected

17.5.1

affected

17.5.1a

affected

17.6.1

affected

17.6.2

affected

17.6.1w

affected

17.6.1a

affected

17.6.1x

affected

17.6.3

affected

17.6.1y

affected

17.6.1z

affected

17.6.3a

affected

17.6.4

affected

17.6.1z1

affected

17.6.5

affected

17.6.6

affected

17.6.6a

affected

17.6.5a

affected

17.6.7

affected

17.6.8

affected

17.6.8a

affected

17.7.1

affected

17.7.1a

affected

17.7.1b

affected

17.7.2

affected

17.10.1

affected

17.10.1a

affected

17.10.1b

affected

17.8.1

affected

17.8.1a

affected

17.9.1

affected

17.9.1w

affected

17.9.2

affected

17.9.1a

affected

17.9.1x

affected

17.9.1y

affected

17.9.3

affected

17.9.2a

affected

17.9.1x1

affected

17.9.3a

affected

17.9.4

affected

17.9.1y1

affected

17.9.5

affected

17.9.4a

affected

17.9.5a

affected

17.9.5b

affected

17.9.6

affected

17.9.6a

affected

17.9.5e

affected

17.9.5f

affected

17.11.1

affected

17.11.1a

affected

17.12.1

affected

17.12.1w

affected

17.12.1a

affected

17.12.1x

affected

17.12.2

affected

17.12.3

affected

17.12.2a

affected

17.12.1y

affected

17.12.1z

affected

17.12.4

affected

17.12.3a

affected

17.12.1z1

affected

17.12.1z2

affected

17.12.4a

affected

17.12.4b

affected

17.12.1z3

affected

17.13.1

affected

17.13.1a

affected

17.14.1

affected

17.14.1a

affected

17.11.99SW

affected

17.15.1

affected

17.15.1w

affected

17.15.1a

affected

17.15.2

affected

17.15.1b

affected

17.15.1x

affected

17.15.1z

affected

17.15.2c

affected

17.15.2a

affected

17.15.2b

affected

17.16.1

affected

17.16.1a

affected

References

sec.cloudapps.cisco.com/...visory/cisco-sa-nbar-dos-LAvwTmeT (cisco-sa-nbar-dos-LAvwTmeT)

cve.org (CVE-2025-20315)

nvd.nist.gov (CVE-2025-20315)

Download JSON