CVE-2025-20162

CWE-400Uncontrolled Resource Consumption4 documents4 sources
Severity
8.6HIGH
EPSS
0.5%
top 36.07%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Cisco Cisco IOS XE SoftwareCisco IOS XE
Timeline
PublishedMay 7

Description

A vulnerability in the DHCP snooping security feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a full interface queue wedge, which could result in a denial of service (DoS) condition. This vulnerability is due to improper handling of DHCP request packets. An attacker could exploit this vulnerability by sending DHCP request packets to an affected device. A successful exploit could allow the attacker to cause packets to wedge in the queue, creating a DoS co

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 3.9 | Impact: 4.0

Affected Packages2 packages

CVEListV5cisco/cisco_ios_xe_software93 versions+92
NVDcisco/ios_xe93 versions+92

🔴Vulnerability Details

2
GHSA
GHSA-p84x-683q-c49j: A vulnerability in the DHCP snooping security feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a full interfa2025-05-07
CVEList
CVE-2025-20162: A vulnerability in the DHCP snooping security feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a full interfa2025-05-07

📋Vendor Advisories

1
Cisco
Cisco IOS XE Software DHCP Snooping Denial of Service Vulnerability2025-05-07