CVE-2025-20162

HIGH EPSS 35.0%
Published May 7, 20251y ago · Modified Jun 17, 20262w ago
8.6 CVSS 3.1
High
Find Similar
Published May 7, 2025 1y ago
Last Modified Jun 17, 2026 2w ago

Description

A vulnerability in the DHCP snooping security feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a full interface queue wedge, which could result in a denial of service (DoS) condition. This vulnerability is due to improper handling of DHCP request packets. An attacker could exploit this vulnerability by sending DHCP request packets to an affected device. A successful exploit could allow the attacker to cause packets to wedge in the queue, creating a DoS condition for downstream devices of the affected system and requiring that the system restart to drain the queue. Note: This vulnerability can be exploited with either unicast or broadcast DHCP packets on a VLAN that does not have DHCP snooping enabled.

CVSS Details

Base Score
8.6
Exploitability
3.9
Impact
4.0
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Attack Vector Network
Attack Complexity Low
Privileges Required None
User Interaction None
Scope Changed
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
35.0% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-400 Uncontrolled Resource Consumption Resource Mgmt

Affected Products 93

VendorProductVersionRange
ciscoios_xe16.11.1any
ciscoios_xe16.11.1aany
ciscoios_xe16.11.1sany
ciscoios_xe16.11.2any
ciscoios_xe16.12.1any
ciscoios_xe16.12.1aany
ciscoios_xe16.12.1cany
ciscoios_xe16.12.1sany
ciscoios_xe16.12.2any
ciscoios_xe16.12.2sany
ciscoios_xe16.12.3any
ciscoios_xe16.12.3sany
ciscoios_xe16.12.4any
ciscoios_xe16.12.5any
ciscoios_xe16.12.6any
ciscoios_xe16.12.7any
ciscoios_xe16.12.8any
ciscoios_xe17.1.1any
ciscoios_xe17.1.1sany
ciscoios_xe17.1.1tany
ciscoios_xe17.1.3any
ciscoios_xe17.2.1any
ciscoios_xe17.2.1rany
ciscoios_xe17.2.1vany
ciscoios_xe17.2.2any
ciscoios_xe17.2.3any
ciscoios_xe17.3.1any
ciscoios_xe17.3.1aany
ciscoios_xe17.3.2any
ciscoios_xe17.3.3any
ciscoios_xe17.3.4any
ciscoios_xe17.3.4aany
ciscoios_xe17.3.5any
ciscoios_xe17.3.6any
ciscoios_xe17.3.7any
ciscoios_xe17.3.8any
ciscoios_xe17.3.8aany
ciscoios_xe17.4.1any
ciscoios_xe17.4.1aany
ciscoios_xe17.4.1bany
ciscoios_xe17.4.2any
ciscoios_xe17.5.1any
ciscoios_xe17.5.1aany
ciscoios_xe17.6.1any
ciscoios_xe17.6.1aany
ciscoios_xe17.6.1yany
ciscoios_xe17.6.2any
ciscoios_xe17.6.3any
ciscoios_xe17.6.3aany
ciscoios_xe17.6.4any
ciscoios_xe17.6.5any
ciscoios_xe17.6.5aany
ciscoios_xe17.6.6any
ciscoios_xe17.6.6aany
ciscoios_xe17.6.7any
ciscoios_xe17.6.8any
ciscoios_xe17.6.8aany
ciscoios_xe17.7.1any
ciscoios_xe17.7.1aany
ciscoios_xe17.7.2any
ciscoios_xe17.8.1any
ciscoios_xe17.8.1aany
ciscoios_xe17.9.1any
ciscoios_xe17.9.1aany
ciscoios_xe17.9.2any
ciscoios_xe17.9.2aany
ciscoios_xe17.9.3any
ciscoios_xe17.9.3aany
ciscoios_xe17.9.4any
ciscoios_xe17.9.4aany
ciscoios_xe17.9.5any
ciscoios_xe17.9.5aany
ciscoios_xe17.9.5eany
ciscoios_xe17.9.5fany
ciscoios_xe17.9.6any
ciscoios_xe17.10.1any
ciscoios_xe17.10.1aany
ciscoios_xe17.11.1any
ciscoios_xe17.11.1aany
ciscoios_xe17.12.1any
ciscoios_xe17.12.1aany
ciscoios_xe17.12.2any
ciscoios_xe17.12.3any
ciscoios_xe17.12.3aany
ciscoios_xe17.12.4any
ciscoios_xe17.12.4aany
ciscoios_xe17.12.4bany
ciscoios_xe17.13.1any
ciscoios_xe17.13.1aany
ciscoios_xe17.14.1any
ciscoios_xe17.14.1aany
ciscoios_xe17.15.1any
ciscoios_xe17.15.1aany

References 1

  • sec.cloudapps.cisco.com https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-dhcpsn-dos-xBn8Mtks
    Vendor Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.