CVE-2024-20496

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Sep 25, 2024

Updated: Sep 26, 2024

CWE ID 787

Summary

CVE-2024-20496 is a vulnerability in the UDP packet validation code of Cisco SD-WAN vEdge Software that could enable an unauthenticated adjacent attacker to trigger a denial of service (DoS) condition on affected systems. This issue arises from the improper handling of malformed UDP packets, allowing an attacker with machine-in-the-middle access to send crafted packets that can cause the device to reboot. The affected products include various models within the Cisco SD-WAN vEdge Software range. To mitigate this vulnerability, organizations are advised to apply available security updates from Cisco's advisory. If exploited, this vulnerability poses significant risks as it can disrupt service availability and potentially affect network performance.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database