CVE-2026-20033

Summary

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.

This vulnerability is due to insufficient validation when processing specific Ethernet frames. An attacker could exploit this vulnerability by sending a crafted Ethernet frame to the management interface of an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition. Note: Only the out-of-band (OOB) management interface is affected.

Affected Software

VendorProductVersion RangeStatus
CiscoCisco NX-OS System Software in ACI Mode15.2(1g)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(2e)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(2f)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(2g)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(2h)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(3f)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(3e)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(3g)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(4d)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(4e)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(5c)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(5d)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(1g)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(5e)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(4f)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(6e)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(6h)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(1j)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(6g)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(7f)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(7g)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(2h)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(8d)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(2j)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(8e)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(3d)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(3e)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(8f)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(8g)affected
CiscoCisco NX-OS System Software in ACI Mode15.3(1d)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(8h)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(4c)affected
CiscoCisco NX-OS System Software in ACI Mode15.3(2a)affected
CiscoCisco NX-OS System Software in ACI Mode15.2(8i)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(5h)affected
CiscoCisco NX-OS System Software in ACI Mode15.3(2b)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(3g)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(5j)affected
CiscoCisco NX-OS System Software in ACI Mode15.3(2c)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(6c)affected
CiscoCisco NX-OS System Software in ACI Mode15.3(2d)affected
CiscoCisco NX-OS System Software in ACI Mode16.1(1f)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(7e)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(8e)affected
CiscoCisco NX-OS System Software in ACI Mode15.3(2e)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(8f)affected
CiscoCisco NX-OS System Software in ACI Mode16.1(2f)affected
CiscoCisco NX-OS System Software in ACI Mode16.1(2g)affected
CiscoCisco NX-OS System Software in ACI Mode15.3(2f)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(9c)affected
CiscoCisco NX-OS System Software in ACI Mode16.1(3f)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(9d)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(6h)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(8h)affected
CiscoCisco NX-OS System Software in ACI Mode16.1(3g)affected
CiscoCisco NX-OS System Software in ACI Mode16.0(9e)affected
CiscoCisco NX-OS System Software in ACI Mode16.1(4h)affected

Weaknesses

  • CWE-805: Buffer Access with Incorrect Length Value

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References