Skip to main content

Cisco CVE-2026-20004

| EUVDEUVD-2026-15426 HIGH
Missing Reference to Active Allocated Resource (CWE-771)
2026-03-25 cisco GHSA-xp4f-63f5-wmm9
7.4
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.4 HIGH
AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Attack Vector
Adjacent
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

3
EUVD ID Assigned
Mar 25, 2026 - 16:16 euvd
EUVD-2026-15426
Analysis Generated
Mar 25, 2026 - 16:16 vuln.today
CVE Published
Mar 25, 2026 - 16:04 nvd
HIGH 7.4

DescriptionCVE.org

A vulnerability in the TLS library of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust the available memory of an affected device. This vulnerability is due to improper management of memory resources during TLS connection setup. An attacker could exploit this vulnerability by repeatedly triggering the conditions that cause the memory increase. This could be done in a variety of ways, such as by repeatedly attempting Extensible Authentication Protocol (EAP) authentication when local EAP is enabled on an affected device or by using a machine-in-the-middle attack and resetting TLS connections between the affected device and other devices. A successful exploit could allow the attacker to exhaust the available memory on an affected device, resulting in an unexpected reload and a denial of service (DoS) condition.

AnalysisAI

Memory exhaustion in Cisco IOS XE and Apple devices via improper TLS resource handling allows adjacent attackers to trigger denial of service by repeatedly initiating failed authentication or manipulating TLS connections. An unauthenticated attacker can exploit this by resetting TLS sessions or abusing EAP authentication mechanisms to deplete device memory without requiring network access from the internet. Successful exploitation renders affected devices unresponsive, with no patch currently available.

Technical ContextAI

This vulnerability affects the TLS library implementation in Cisco IOS XE Software (cpe:2.3:a:cisco:cisco_ios_xe_software), which is the operating system running on Cisco enterprise routers and switches. The root cause is classified as CWE-771 (Missing Reference to Active Allocated Resource), indicating improper memory resource management during TLS connection setup and teardown. The vulnerability manifests when TLS handshakes are initiated but not properly completed, causing memory allocations that are never released. This can be triggered through various TLS-dependent features including Extensible Authentication Protocol (EAP) local authentication and standard TLS connections between devices. The memory leak compounds with each aborted or reset TLS connection until available memory is exhausted.

RemediationAI

Upgrade to a fixed version of Cisco IOS XE Software as specified in the vendor security advisory at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-tls-dos-TVgLDEZL. Cisco typically provides fixed releases for actively supported version trains, so consult the advisory for the appropriate upgrade path based on your current version. As an interim mitigation until patching is feasible, disable local EAP authentication if not required for operations, implement network access controls to restrict adjacent network access to trusted devices only, and deploy monitoring for abnormal memory consumption patterns on affected devices. Consider segmenting critical network infrastructure to limit adjacent network attack surface. For devices where TLS connections can be controlled, implement rate limiting or connection throttling at upstream network security devices to reduce the effectiveness of repeated connection attempts.

Share

CVE-2026-20004 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy