high
7.4
CWE
20
Advisory Published

cisco-sa-capwap-dos-TPdNTdyq: Cisco IOS XE Wireless Controller Software for the Catalyst 9000 Family CAPWAP Denial of Service Vulnerabilities

First published: Thu Sep 24 2020(Updated: )

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. These vulnerabilities are due to insufficient validation of CAPWAP packets. An attacker could exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device. Cisco has released software updates that address these vulnerabilities. There are no workarounds that address these vulnerabilities. This advisory is available at the following link:https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-capwap-dos-TPdNTdyq This advisory is part of the September 24, 2020, release of the Cisco IOS and IOS XE Software Security Advisory Bundled Publication, which includes 25 Cisco Security Advisories that describe 34 vulnerabilities. For a complete list of the advisories and links to them, see Cisco Event Response: September 2020 Semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication.

Credit: These vulnerabilities were found during internal security testing.

Affected SoftwareAffected VersionHow to fix
Cisco IOS XE
Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

  • What is the severity of cisco-sa-capwap-dos-TPdNTdyq?

    The severity of cisco-sa-capwap-dos-TPdNTdyq is classified as high due to its potential to cause denial of service conditions.

  • How do I fix cisco-sa-capwap-dos-TPdNTdyq?

    To fix cisco-sa-capwap-dos-TPdNTdyq, update your Cisco IOS XE Software and Cisco Catalyst 9800 Series Wireless Controllers to the latest available version.

  • What causes the cisco-sa-capwap-dos-TPdNTdyq vulnerability?

    The cisco-sa-capwap-dos-TPdNTdyq vulnerability is caused by improper handling of the CAPWAP protocol processing.

  • Who is affected by cisco-sa-capwap-dos-TPdNTdyq?

    Organizations using Cisco IOS XE Software and Cisco Catalyst 9800 Series Wireless Controllers are affected by cisco-sa-capwap-dos-TPdNTdyq.

  • Can cisco-sa-capwap-dos-TPdNTdyq be exploited remotely?

    Yes, cisco-sa-capwap-dos-TPdNTdyq can be exploited by an unauthenticated, adjacent attacker to launch a denial of service attack.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203