CVE-2026-20051

CWE-4574 documents4 sources
Severity
7.4HIGH
EPSS
0.0%
top 85.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Cisco Cisco Nx-os Software
Timeline
PublishedFeb 25

Description

A vulnerability with the Ethernet VPN (EVPN) Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Switching Platforms could allow an unauthenticated, adjacent attacker to trigger a Layer 2 traffic loop. This vulnerability is due to a logic error when processing a crafted Layer 2 ingress frame. An attacker could exploit this vulnerability by sending a stream of crafted Ethernet frames through the targeted device. A successful exploit could allow t

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:HExploitability: 2.8 | Impact: 4.0

Affected Packages1 packages

CVEListV5cisco/cisco_nx-os_software75 versions+74

🔴Vulnerability Details

2
GHSA
GHSA-4466-83q5-3rxw: A vulnerability with the Ethernet VPN (EVPN) Layer 2 ingress packet processing of Cisco Nexus 3600 Platform Switches and Cisco Nexus 9500-R Series Swi2026-02-25
CVEList
Cisco Nexus 3600-R and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability2026-02-25

📋Vendor Advisories

1
Cisco
Cisco Nexus 3600 and 9500-R Series Switching Platforms Layer 2 Loop Denial of Service Vulnerability2026-02-25
CVE-2026-20051 (HIGH CVSS 7.4) | A vulnerability with the Ethernet V | cvebase.io