CVE-2025-20111
Published: 26 February 2025
Description
A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of specific Ethernet frames. An attacker could exploit this vulnerability by sending a sustained rate of crafted Ethernet frames to an affected device. A successful exploit could allow the attacker to cause the device to reload.
Security Summary
CVE-2025-20111 is a vulnerability in the health monitoring diagnostics feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches running in standalone NX-OS mode. The issue stems from the incorrect handling of specific Ethernet frames, which could allow an unauthenticated, adjacent attacker to trigger an unexpected device reload, resulting in a denial-of-service (DoS) condition. It has been assigned a CVSS v3.1 base score of 7.4 (AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H) and is associated with CWE-1220.
An adjacent, unauthenticated attacker could exploit this vulnerability by sending a sustained rate of crafted Ethernet frames to an affected device. Successful exploitation would cause the targeted switch to reload, disrupting network operations and potentially leading to repeated DoS if the attack persists.
The Cisco Security Advisory at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n3kn9k-healthdos-eOqSWK4g provides details on mitigation strategies and available patches.
Details
- CWE(s)