CVE-2024-20480

Summary

CVE-2024-20480 is a vulnerability in the DHCP Snooping feature of Cisco IOS XE Software affecting Software-Defined Access (SD-Access) fabric edge nodes. This flaw allows unauthenticated remote attackers to exploit improper handling of IPv4 DHCP packets, leading to high CPU utilization on affected devices and resulting in a denial of service (DoS) condition that necessitates a manual device reload for recovery. Users are advised to implement security updates provided by Cisco to remediate this vulnerability. The potential danger includes significant network downtime and disruption of services due to the DoS condition, with an exploitability score rated at 3.9 and a high base severity score of 8.6. Organizations utilizing affected Cisco products should prioritize patching to mitigate risks associated with this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.