{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-20033", "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "state": "PUBLISHED", "assignerShortName": "cisco", "dateReserved": "2025-10-08T11:59:15.353Z", "datePublished": "2026-02-25T16:26:29.215Z", "dateUpdated": "2026-02-25T19:05:48.146Z"}, "containers": {"cna": {"title": "Cisco NX-OS Software Denial of Service Vulnerability", "metrics": [{"format": "cvssV3_1", "cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "baseScore": 7.4, "baseSeverity": "HIGH", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH"}}], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient validation when processing specific Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to the management interface of an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.\r\nNote: Only the out-of-band (OOB) management interface is affected."}], "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cpdos-qLsv6pFD", "name": "cisco-sa-nxos-cpdos-qLsv6pFD"}], "exploits": [{"lang": "en", "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."}], "source": {"advisory": "cisco-sa-nxos-cpdos-qLsv6pFD", "discovery": "EXTERNAL", "defects": ["CSCwq96001"]}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "Buffer Access with Incorrect Length Value", "type": "cwe", "cweId": "CWE-805"}]}], "affected": [{"vendor": "Cisco", "product": "Cisco NX-OS System Software in ACI Mode", "versions": [{"version": "15.2(1g)", "status": "affected"}, {"version": "15.2(2e)", "status": "affected"}, {"version": "15.2(2f)", "status": "affected"}, {"version": "15.2(2g)", "status": "affected"}, {"version": "15.2(2h)", "status": "affected"}, {"version": "15.2(3f)", "status": "affected"}, {"version": "15.2(3e)", "status": "affected"}, {"version": "15.2(3g)", "status": "affected"}, {"version": "15.2(4d)", "status": "affected"}, {"version": "15.2(4e)", "status": "affected"}, {"version": "15.2(5c)", "status": "affected"}, {"version": "15.2(5d)", "status": "affected"}, {"version": "16.0(1g)", "status": "affected"}, {"version": "15.2(5e)", "status": "affected"}, {"version": "15.2(4f)", "status": "affected"}, {"version": "15.2(6e)", "status": "affected"}, {"version": "15.2(6h)", "status": "affected"}, {"version": "16.0(1j)", "status": "affected"}, {"version": "15.2(6g)", "status": "affected"}, {"version": "15.2(7f)", "status": "affected"}, {"version": "15.2(7g)", "status": "affected"}, {"version": "16.0(2h)", "status": "affected"}, {"version": "15.2(8d)", "status": "affected"}, {"version": "16.0(2j)", "status": "affected"}, {"version": "15.2(8e)", "status": "affected"}, {"version": "16.0(3d)", "status": "affected"}, {"version": "16.0(3e)", "status": "affected"}, {"version": "15.2(8f)", "status": "affected"}, {"version": "15.2(8g)", "status": "affected"}, {"version": "15.3(1d)", "status": "affected"}, {"version": "15.2(8h)", "status": "affected"}, {"version": "16.0(4c)", "status": "affected"}, {"version": "15.3(2a)", "status": "affected"}, {"version": "15.2(8i)", "status": "affected"}, {"version": "16.0(5h)", "status": "affected"}, {"version": "15.3(2b)", "status": "affected"}, {"version": "16.0(3g)", "status": "affected"}, {"version": "16.0(5j)", "status": "affected"}, {"version": "15.3(2c)", "status": "affected"}, {"version": "16.0(6c)", "status": "affected"}, {"version": "15.3(2d)", "status": "affected"}, {"version": "16.1(1f)", "status": "affected"}, {"version": "16.0(7e)", "status": "affected"}, {"version": "16.0(8e)", "status": "affected"}, {"version": "15.3(2e)", "status": "affected"}, {"version": "16.0(8f)", "status": "affected"}, {"version": "16.1(2f)", "status": "affected"}, {"version": "16.1(2g)", "status": "affected"}, {"version": "15.3(2f)", "status": "affected"}, {"version": "16.0(9c)", "status": "affected"}, {"version": "16.1(3f)", "status": "affected"}, {"version": "16.0(9d)", "status": "affected"}, {"version": "16.0(6h)", "status": "affected"}, {"version": "16.0(8h)", "status": "affected"}, {"version": "16.1(3g)", "status": "affected"}, {"version": "16.0(9e)", "status": "affected"}, {"version": "16.1(4h)", "status": "affected"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633", "shortName": "cisco", "dateUpdated": "2026-02-25T16:26:29.215Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-20033", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-02-25T18:18:01.739135Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-02-25T19:05:48.146Z"}}]}}

{}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r\nThis vulnerability is due to insufficient validation when processing specific Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to the management interface of an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.\r\nNote: Only the out-of-band (OOB) management interface is affected."}, {"lang": "es", "value": "Una vulnerabilidad en los switches de tejido Cisco Nexus serie 9000 en modo ACI podr\u00eda permitir a un atacante adyacente no autenticado causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado.\n\nEsta vulnerabilidad se debe a una validaci\u00f3n insuficiente al procesar tramas Ethernet espec\u00edficas. Un atacante podr\u00eda explotar esta vulnerabilidad al enviar una trama Ethernet manipulada a la interfaz de gesti\u00f3n de un dispositivo afectado. Un exploit exitoso podr\u00eda permitir al atacante hacer que el dispositivo se recargue inesperadamente, lo que resultar\u00eda en una condici\u00f3n de DoS.\nNota: Solo la interfaz de gesti\u00f3n fuera de banda (OOB) se ve afectada."}], "id": "CVE-2026-20033", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.4, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 4.0, "source": "psirt@cisco.com", "type": "Primary"}]}, "published": "2026-02-25T17:25:24.560", "references": [{"source": "psirt@cisco.com", "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-cpdos-qLsv6pFD"}], "sourceIdentifier": "psirt@cisco.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-805"}], "source": "psirt@cisco.com", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(1g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(2e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(2f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(2g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(2h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(3f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(3e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(3g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(4d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(4e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(5c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(5d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(1g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(5e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(4f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(6e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(6h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(1j)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(6g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(7f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(7g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(2h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(8d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(2j)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(8e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(3d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(3e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(8f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(8g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.3(1d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(8h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(4c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.3(2a)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.2(8i)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(5h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.3(2b)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(3g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(5j)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.3(2c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(6c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.3(2d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.1(1f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(7e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(8e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.3(2e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(8f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.1(2f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.1(2g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "15.3(2f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(9c)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.1(3f)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(9d)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(6h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(8h)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.1(3g)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.0(9e)"}}, {"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "16.1(4h)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Cisco NX-OS System Software in ACI Mode", "source": "cna", "vendor": "Cisco"}, "product": "cisco_nx-os_system_software_in_aci_mode", "vendor": "cisco"}], "analysis": {"en": {"generated_at": "2026-04-17T15:05:59.309112+00:00", "value": {"mitigation_remediation": ["Apply the latest Cisco NX\u2011OS firmware that addresses the Ethernet frame validation issue.", "Restrict traffic to the out\u2011of\u2011band management interface so that only trusted management networks can reach it.", "Monitor switch logs and network traffic for repeated reloads or abnormal management\u2011interface frames to detect an attempt or failure of this exploit."], "summary": {"action": "Apply Patch", "impact": "Denial of Service"}, "threat_synthesis": {"affected_systems": "Cisco NX\u2011OS System Software in ACI Mode on Nexus 9000 Series Fabric Switches. No specific affected versions are listed in the CNA data; the only affected component is the out\u2011of\u2011band management interface.", "description_and_impact": "A vulnerability exists in the Cisco Nexus 9000 Series Fabric Switches operating in Application Centric Infrastructure (ACI) mode where insufficient validation of Ethernet frames processed by the out\u2011of\u2011band management interface allows an unauthenticated, adjacent attacker to inject a crafted frame. If the exploit succeeds, the device will unexpectedly reload, resulting in a denial of service of the switch. The impact is the loss of network connectivity but does not directly affect data confidentiality or integrity.", "risk_and_exploitability": "The CVSS base score is 7.4, indicating a high severity. The EPSS score is less than 1\u202f%, suggesting a very low probability of observed exploitation. The vulnerability is not listed in the CISA KEV catalog. The likely attack vector is the out\u2011of\u2011band management interface; an attacker must be adjacent to the switch\u2019s management network and does not need credentials. Successful exploitation causes the switch to reboot, disrupting services for potentially all users connected to the affected fabric."}}}}, "created": "2026-02-26T13:15:22.623942+00:00", "updated": "2026-04-17T15:15:21.827487+00:00", "vendors": ["cisco", "cisco$PRODUCT$cisco_nx-os_system_software_in_aci_mode"]}