CVE-2025-20365 — Improper Verification of Source of a Communication Channel in Cisco Aironet Access Point Software

CWE-940 — Improper Verification of Source of a Communication Channel4 documents4 sources

Severity

4.3MEDIUMNVD

EPSS

0.0%

top 94.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Cisco Aironet Access Point Software

Timeline

PublishedSep 24

Description

A vulnerability in the IPv6 Router Advertisement (RA) packet processing of Cisco Access Point Software could allow an unauthenticated, adjacent attacker to modify the IPv6 gateway on an affected device. This vulnerability is due to a logic error in the processing of IPv6 RA packets that are received from wireless clients. An attacker could exploit this vulnerability by associating to a wireless network and sending a series of crafted IPv6 RA packets. A successful exploit could allow the attacker…

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages1 packages

▶CVEListV5cisco/cisco_aironet_access_point_software69 versions+68

🔴Vulnerability Details

GHSA

GHSA-g88p-ppwj-3qff: A vulnerability in the IPv6 Router Advertisement (RA) packet processing of Cisco Access Point Software could allow an unauthenticated, adjacent attack↗2025-09-24

▶

CVEList

CVE-2025-20365: A vulnerability in the IPv6 Router Advertisement (RA) packet processing of Cisco Access Point Software could allow an unauthenticated, adjacent attack↗2025-09-24

▶

📋Vendor Advisories

Cisco

Cisco Access Point Software Intermittent IPv6 Gateway Change Vulnerability↗2025-09-24

▶