Attackers can disable Cisco firewalls and WLAN controllers
Cisco has released important security updates for various network products. Primarily, DoS attacks are possible.
Following successful attacks on Cisco hardware and software, serious network problems can occur. To prevent this, admins should install the recently released security updates promptly. So far, there are no reports of attackers exploiting the vulnerabilities. However, admins should not delay too long.
Because a list of all patches would exceed the scope of this report, IT security managers can find specific information on vulnerable and fixed versions in the manufacturer's advisories, which are linked at the end of this report.
Networks at Risk
Primarily, developers have closed DoS vulnerabilities. If such attacks are successful, services can crash and firewalls may stop functioning. For example, on WLAN controllers of the Catalyst CW9800 series, attackers can exploit a vulnerability (CVE-2026-20086 “high”) with specially crafted CAPWAP packets, according to a security advisory; processing these packets triggers an error that crashes the device.
Several vulnerabilities in the network operating systems IOS and IOS XE can also cause crashes. One example affects the Secure Firewall Adaptive Security Appliance (CVE-2026-20012 “high”), where attackers can trigger restarts with manipulated IKEv2 packets.
On switches of the Catalyst and Rugged series, attackers can bypass the Secure Boot security mechanism (CVE-2026-20104 “medium”) and execute malicious code in the context of the boot process. However, an attacker needs physical access to the device to do this.
List sorted by threat level in descending order:
- IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service
- IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service
- IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service
- IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service
- IOS XE Software TLS Memory Exhaustion Denial of Service
- IOS XE Software Secure Copy Protocol Server Denial of Service
- IOS XE Software Denial of Service
- IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass
- IOS XE Software Secure Channel for Meraki Information Disclosure
- Catalyst SD-WAN Manager Cross-Site Scripting
- IOS XE Software Lobby Ambassador Privilege Escalation
- IOx Application Hosting Environment Carriage Return Line Feed Injection
- IOx Application Hosting Environment Stored Cross-Site Scripting
(des)