Cisco IOS XE Wireless Controller Software Cisco Discovery Protocol Denial of Service Vulnerability

🚨 SEVERITY: HIGH — CVSS 7.4 Security Advisory

TL;DR 📌

A high-severity vulnerability has been identified in Cisco IOS XE Wireless Controller Software that allows an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition by forcing the wireless controller to reload. Cisco has released software updates that address the issue. There is no workaround; the only mitigation is to disable CDP on the APs where it is not required.

What happened 🕵️‍♂️

A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to exploit insufficient input validation of Cisco Discovery Protocol (CDP) neighbor reports. By sending a crafted CDP packet to an affected access point (AP), an attacker could trigger an unexpected reload of the wireless controller that manages the AP, resulting in a DoS condition that disrupts the wireless network. Because CDP is a Layer 2 protocol and is not routed, "adjacent" means the attacker must be on the same Layer 2 segment as an affected AP; the crafted packet is received by the AP, but the reload happens on the controller, so every AP joined to that controller loses service, not only the one that received the packet.

Affected products 🖥️

The following Cisco products are affected if they are running a vulnerable release of Cisco IOS XE Software and have AP CDP enabled:

  • Catalyst 9800-CL Wireless Controllers for Cloud
  • Catalyst 9800 Embedded Wireless Controllers for Catalyst 9300, 9400, and 9500 Series Switches
  • Catalyst 9800 Series Wireless Controllers
  • Embedded Wireless Controllers on Catalyst APs

To determine whether a device is affected, check whether CDP is enabled on any AP profile applied to APs that the device manages. If CDP is disabled on every AP profile, the device is not affected by this vulnerability.

Fixed software 🔧

Upgrade to at least the first fixed release in your train (or later):

Product / Release Train | First Fixed Release | Notes
Cisco IOS XE (all wireless controller trains) | Not listed on this page | Look up the first fixed release for the train you run in the Cisco Software Checker, using advisory ID cisco-sa-ewlc-cdp-dos-fpeks9K, and apply that release or a later one.

Workarounds 🧯

There are no workarounds that directly address this vulnerability. However, if CDP is not required on the APs, administrators can remove the attack vector by disabling CDP on every AP profile, through either the web-based management GUI or the CLI. Disabling it on some profiles only is not sufficient: any AP with CDP enabled can still deliver the crafted packet that reloads the controller.
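The two checks above (is CDP enabled on any AP profile, and which profiles need `no cdp`) can be scripted against a saved copy of the controller's running configuration. The following Python is an added example written for this page; it is not Cisco's code and not part of the advisory. It assumes the `ap profile <name>` stanza layout of IOS XE `show running-config` output, with `cdp` / `no cdp` as the per-profile toggle, and it assumes CDP is enabled on a profile that does not explicitly carry `no cdp` (the `cdp_default_enabled` flag lets you change that assumption). The sample configuration is constructed, not captured from a real controller.

```python
import re

# Constructed sample of "show running-config | section ^ap profile" output
# from a Catalyst 9800; profile names and settings are made up for this example.
SAMPLE_RUNNING_CONFIG = """\
ap profile default-ap-profile
 description "default ap profile"
 cdp
 ssh
!
ap profile branch-lobby
 description "branch office lobby APs"
 no cdp
!
ap profile warehouse
 hyperlocation
!
"""

PROFILE_RE = re.compile(r"^ap profile (.+?)\s*$")


def parse_ap_profiles(config_text, cdp_default_enabled=True):
    """Return {profile_name: cdp_enabled} for every 'ap profile' stanza.

    A stanza starts with an unindented 'ap profile <name>' line and ends at
    the next '!' line. 'cdp' turns CDP on, 'no cdp' turns it off; a profile
    with neither line gets cdp_default_enabled (assumed True, see lead-in).
    """
    profiles = {}
    current = None
    for raw in config_text.splitlines():
        line = raw.rstrip()
        match = PROFILE_RE.match(line)
        if match:
            current = match.group(1)
            profiles[current] = cdp_default_enabled
            continue
        if current is None:
            continue  # outside any ap profile stanza
        if line == "!":
            current = None  # end of stanza
            continue
        stripped = line.strip()
        if stripped == "no cdp":
            profiles[current] = False
        elif stripped == "cdp":
            profiles[current] = True
    return profiles


def profiles_with_cdp(config_text, cdp_default_enabled=True):
    """Names of AP profiles on which CDP is enabled, i.e. the exposed ones."""
    profiles = parse_ap_profiles(config_text, cdp_default_enabled)
    return sorted(name for name, enabled in profiles.items() if enabled)


def remediation_commands(config_text, cdp_default_enabled=True):
    """Build the IOS XE CLI lines that disable CDP on every exposed profile.

    This is the mitigation the advisory describes (not a fix); the software
    upgrade is still required.
    """
    commands = ["configure terminal"]
    for name in profiles_with_cdp(config_text, cdp_default_enabled):
        commands += [f"ap profile {name}", " no cdp", " exit"]
    commands.append("end")
    return commands


if __name__ == "__main__":
    exposed = profiles_with_cdp(SAMPLE_RUNNING_CONFIG)
    print("AP profiles with CDP enabled:", exposed or "none")
    if exposed:
        print("\n".join(remediation_commands(SAMPLE_RUNNING_CONFIG)))
```

On the sample, `default-ap-profile` (explicit `cdp`) and `warehouse` (no `cdp` line, so the assumed default applies) are reported as exposed, while `branch-lobby` is clean; the generated commands walk each exposed profile and add `no cdp`. Run it against real output with `cdp_default_enabled` set to match the default on your release, and verify the result on the controller afterwards rather than trusting the parse alone.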

Risk in context 🎯

With a CVSS score of 7.4, this vulnerability is classified as high severity. The attacker needs no credentials, only Layer 2 adjacency to an AP, and a single crafted packet reloads the controller, taking down every AP it serves. Organizations using affected Cisco products should prioritize applying the software updates and, until they are applied, disable CDP on AP profiles wherever it is not needed.

Fast facts ⚡

  • Advisory ID: cisco-sa-ewlc-cdp-dos-fpeks9K
  • CVSS Score: 7.4 (HIGH)
  • Vulnerability Type: Denial of Service (DoS)
  • Exploitation: Unauthenticated, adjacent attacker (Layer 2 access to an affected AP)
  • Impact: Unexpected reload of wireless controller

For leadership 🧭

This advisory highlights a high-severity vulnerability in Cisco IOS XE Wireless Controller Software that could cause significant disruption of wireless network services: anyone with Layer 2 access to an affected AP can reload the controller. IT leadership should ensure that affected systems are updated promptly, that CDP is disabled on APs where it is not needed in the meantime, and that the potential impact on business operations is assessed. Regular review of security advisories and timely application of software updates remain essential to maintaining network integrity and security.