Cisco IOS XE NBAR DoS via malformed CAPWAP packets
CVE-2025-20315 Published on September 24, 2025
A vulnerability in the Network-Based Application Recognition (NBAR) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, causing a denial of service (DoS) condition. This vulnerability is due to improper handling of malformed Control and Provisioning of Wireless Access Points (CAPWAP) packets. An attacker could exploit this vulnerability by sending malformed CAPWAP packets through an affected device. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.
Vulnerability Analysis
CVE-2025-20315 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Attack Vector:
NETWORK
Attack Complexity:
LOW
Privileges Required:
NONE
User Interaction:
NONE
Scope:
CHANGED
Confidentiality Impact:
NONE
Integrity Impact:
NONE
Availability Impact:
HIGH
Weakness Type
Buffer Access with Incorrect Length Value
The software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer. When the length value exceeds the size of the destination, a buffer overflow could occur.
Products Associated with CVE-2025-20315
Want to know whenever a new CVE is published for Cisco IOS XE? stack.watch will email you.
Affected Versions
Cisco IOS XE Software:- Version 3.7.0S is affected.
- Version 3.7.1S is affected.
- Version 3.7.2S is affected.
- Version 3.7.3S is affected.
- Version 3.7.4S is affected.
- Version 3.7.5S is affected.
- Version 3.7.6S is affected.
- Version 3.7.7S is affected.
- Version 3.7.4aS is affected.
- Version 3.7.2tS is affected.
- Version 3.7.0bS is affected.
- Version 3.7.1aS is affected.
- Version 3.8.0S is affected.
- Version 3.8.1S is affected.
- Version 3.8.2S is affected.
- Version 3.9.1S is affected.
- Version 3.9.0S is affected.
- Version 3.9.2S is affected.
- Version 3.9.1aS is affected.
- Version 3.9.0aS is affected.
- Version 3.11.1S is affected.
- Version 3.11.2S is affected.
- Version 3.11.0S is affected.
- Version 3.11.3S is affected.
- Version 3.11.4S is affected.
- Version 3.12.0S is affected.
- Version 3.12.1S is affected.
- Version 3.12.2S is affected.
- Version 3.12.3S is affected.
- Version 3.12.0aS is affected.
- Version 3.12.4S is affected.
- Version 3.13.0S is affected.
- Version 3.13.1S is affected.
- Version 3.13.2S is affected.
- Version 3.13.3S is affected.
- Version 3.13.4S is affected.
- Version 3.13.5S is affected.
- Version 3.13.2aS is affected.
- Version 3.13.0aS is affected.
- Version 3.13.5aS is affected.
- Version 3.13.6S is affected.
- Version 3.13.7S is affected.
- Version 3.13.6aS is affected.
- Version 3.13.7aS is affected.
- Version 3.13.8S is affected.
- Version 3.13.9S is affected.
- Version 3.13.10S is affected.
- Version 3.14.0S is affected.
- Version 3.14.1S is affected.
- Version 3.14.2S is affected.
- Version 3.14.3S is affected.
- Version 3.14.4S is affected.
- Version 3.15.0S is affected.
- Version 3.15.1S is affected.
- Version 3.15.2S is affected.
- Version 3.15.1cS is affected.
- Version 3.15.3S is affected.
- Version 3.15.4S is affected.
- Version 3.16.0S is affected.
- Version 3.16.1S is affected.
- Version 3.16.1aS is affected.
- Version 3.16.2S is affected.
- Version 3.16.2aS is affected.
- Version 3.16.0cS is affected.
- Version 3.16.3S is affected.
- Version 3.16.2bS is affected.
- Version 3.16.3aS is affected.
- Version 3.16.4S is affected.
- Version 3.16.4aS is affected.
- Version 3.16.4bS is affected.
- Version 3.16.5S is affected.
- Version 3.16.4dS is affected.
- Version 3.16.6S is affected.
- Version 3.16.7S is affected.
- Version 3.16.6bS is affected.
- Version 3.16.7aS is affected.
- Version 3.16.7bS is affected.
- Version 3.16.8S is affected.
- Version 3.16.9S is affected.
- Version 3.16.10S is affected.
- Version 3.17.0S is affected.
- Version 3.17.1S is affected.
- Version 3.17.2S is affected.
- Version 3.17.1aS is affected.
- Version 3.17.3S is affected.
- Version 3.17.4S is affected.
- Version 16.1.1 is affected.
- Version 16.1.2 is affected.
- Version 16.1.3 is affected.
- Version 16.2.1 is affected.
- Version 16.2.2 is affected.
- Version 16.3.1 is affected.
- Version 16.3.2 is affected.
- Version 16.3.3 is affected.
- Version 16.3.1a is affected.
- Version 16.3.4 is affected.
- Version 16.3.5 is affected.
- Version 16.3.5b is affected.
- Version 16.3.6 is affected.
- Version 16.3.7 is affected.
- Version 16.3.8 is affected.
- Version 16.3.9 is affected.
- Version 16.3.10 is affected.
- Version 16.3.11 is affected.
- Version 16.4.1 is affected.
- Version 16.4.2 is affected.
- Version 16.4.3 is affected.
- Version 16.5.1 is affected.
- Version 16.5.1a is affected.
- Version 16.5.1b is affected.
- Version 16.5.2 is affected.
- Version 16.5.3 is affected.
- Version 3.18.0aS is affected.
- Version 3.18.0S is affected.
- Version 3.18.1S is affected.
- Version 3.18.2S is affected.
- Version 3.18.3S is affected.
- Version 3.18.4S is affected.
- Version 3.18.0SP is affected.
- Version 3.18.1SP is affected.
- Version 3.18.1aSP is affected.
- Version 3.18.1bSP is affected.
- Version 3.18.1cSP is affected.
- Version 3.18.2SP is affected.
- Version 3.18.2aSP is affected.
- Version 3.18.3SP is affected.
- Version 3.18.4SP is affected.
- Version 3.18.3aSP is affected.
- Version 3.18.3bSP is affected.
- Version 3.18.5SP is affected.
- Version 3.18.6SP is affected.
- Version 3.18.7SP is affected.
- Version 3.18.8aSP is affected.
- Version 3.18.9SP is affected.
- Version 16.6.1 is affected.
- Version 16.6.2 is affected.
- Version 16.6.3 is affected.
- Version 16.6.4 is affected.
- Version 16.6.5 is affected.
- Version 16.6.4a is affected.
- Version 16.6.5a is affected.
- Version 16.6.6 is affected.
- Version 16.6.7 is affected.
- Version 16.6.8 is affected.
- Version 16.6.9 is affected.
- Version 16.6.10 is affected.
- Version 16.7.1 is affected.
- Version 16.7.1a is affected.
- Version 16.7.1b is affected.
- Version 16.7.2 is affected.
- Version 16.7.3 is affected.
- Version 16.7.4 is affected.
- Version 16.8.1 is affected.
- Version 16.8.1a is affected.
- Version 16.8.1b is affected.
- Version 16.8.1s is affected.
- Version 16.8.1c is affected.
- Version 16.8.1d is affected.
- Version 16.8.2 is affected.
- Version 16.8.1e is affected.
- Version 16.8.3 is affected.
- Version 16.9.1 is affected.
- Version 16.9.2 is affected.
- Version 16.9.1a is affected.
- Version 16.9.1b is affected.
- Version 16.9.1s is affected.
- Version 16.9.3 is affected.
- Version 16.9.4 is affected.
- Version 16.9.3a is affected.
- Version 16.9.5 is affected.
- Version 16.9.5f is affected.
- Version 16.9.6 is affected.
- Version 16.9.7 is affected.
- Version 16.9.8 is affected.
- Version 16.10.1 is affected.
- Version 16.10.1a is affected.
- Version 16.10.1b is affected.
- Version 16.10.1s is affected.
- Version 16.10.1c is affected.
- Version 16.10.1e is affected.
- Version 16.10.1d is affected.
- Version 16.10.2 is affected.
- Version 16.10.1f is affected.
- Version 16.10.1g is affected.
- Version 16.10.3 is affected.
- Version 16.11.1 is affected.
- Version 16.11.1a is affected.
- Version 16.11.1b is affected.
- Version 16.11.2 is affected.
- Version 16.11.1s is affected.
- Version 16.12.1 is affected.
- Version 16.12.1s is affected.
- Version 16.12.1a is affected.
- Version 16.12.1c is affected.
- Version 16.12.1w is affected.
- Version 16.12.2 is affected.
- Version 16.12.1y is affected.
- Version 16.12.2a is affected.
- Version 16.12.3 is affected.
- Version 16.12.8 is affected.
- Version 16.12.2s is affected.
- Version 16.12.1x is affected.
- Version 16.12.1t is affected.
- Version 16.12.4 is affected.
- Version 16.12.3s is affected.
- Version 16.12.3a is affected.
- Version 16.12.4a is affected.
- Version 16.12.5 is affected.
- Version 16.12.6 is affected.
- Version 16.12.1z1 is affected.
- Version 16.12.5a is affected.
- Version 16.12.5b is affected.
- Version 16.12.1z2 is affected.
- Version 16.12.6a is affected.
- Version 16.12.7 is affected.
- Version 16.12.9 is affected.
- Version 16.12.10 is affected.
- Version 16.12.10a is affected.
- Version 16.12.11 is affected.
- Version 16.12.12 is affected.
- Version 16.12.13 is affected.
- Version 17.1.1 is affected.
- Version 17.1.1a is affected.
- Version 17.1.1s is affected.
- Version 17.1.1t is affected.
- Version 17.1.3 is affected.
- Version 17.2.1 is affected.
- Version 17.2.1r is affected.
- Version 17.2.1a is affected.
- Version 17.2.1v is affected.
- Version 17.2.2 is affected.
- Version 17.2.3 is affected.
- Version 17.3.1 is affected.
- Version 17.3.2 is affected.
- Version 17.3.3 is affected.
- Version 17.3.1a is affected.
- Version 17.3.1w is affected.
- Version 17.3.2a is affected.
- Version 17.3.1x is affected.
- Version 17.3.1z is affected.
- Version 17.3.4 is affected.
- Version 17.3.5 is affected.
- Version 17.3.4a is affected.
- Version 17.3.6 is affected.
- Version 17.3.4b is affected.
- Version 17.3.4c is affected.
- Version 17.3.5a is affected.
- Version 17.3.5b is affected.
- Version 17.3.7 is affected.
- Version 17.3.8 is affected.
- Version 17.3.8a is affected.
- Version 17.4.1 is affected.
- Version 17.4.2 is affected.
- Version 17.4.1a is affected.
- Version 17.4.1b is affected.
- Version 17.4.2a is affected.
- Version 17.5.1 is affected.
- Version 17.5.1a is affected.
- Version 17.6.1 is affected.
- Version 17.6.2 is affected.
- Version 17.6.1w is affected.
- Version 17.6.1a is affected.
- Version 17.6.1x is affected.
- Version 17.6.3 is affected.
- Version 17.6.1y is affected.
- Version 17.6.1z is affected.
- Version 17.6.3a is affected.
- Version 17.6.4 is affected.
- Version 17.6.1z1 is affected.
- Version 17.6.5 is affected.
- Version 17.6.6 is affected.
- Version 17.6.6a is affected.
- Version 17.6.5a is affected.
- Version 17.6.7 is affected.
- Version 17.6.8 is affected.
- Version 17.6.8a is affected.
- Version 17.7.1 is affected.
- Version 17.7.1a is affected.
- Version 17.7.1b is affected.
- Version 17.7.2 is affected.
- Version 17.10.1 is affected.
- Version 17.10.1a is affected.
- Version 17.10.1b is affected.
- Version 17.8.1 is affected.
- Version 17.8.1a is affected.
- Version 17.9.1 is affected.
- Version 17.9.1w is affected.
- Version 17.9.2 is affected.
- Version 17.9.1a is affected.
- Version 17.9.1x is affected.
- Version 17.9.1y is affected.
- Version 17.9.3 is affected.
- Version 17.9.2a is affected.
- Version 17.9.1x1 is affected.
- Version 17.9.3a is affected.
- Version 17.9.4 is affected.
- Version 17.9.1y1 is affected.
- Version 17.9.5 is affected.
- Version 17.9.4a is affected.
- Version 17.9.5a is affected.
- Version 17.9.5b is affected.
- Version 17.9.6 is affected.
- Version 17.9.6a is affected.
- Version 17.9.5e is affected.
- Version 17.9.5f is affected.
- Version 17.11.1 is affected.
- Version 17.11.1a is affected.
- Version 17.12.1 is affected.
- Version 17.12.1w is affected.
- Version 17.12.1a is affected.
- Version 17.12.1x is affected.
- Version 17.12.2 is affected.
- Version 17.12.3 is affected.
- Version 17.12.2a is affected.
- Version 17.12.1y is affected.
- Version 17.12.1z is affected.
- Version 17.12.4 is affected.
- Version 17.12.3a is affected.
- Version 17.12.1z1 is affected.
- Version 17.12.1z2 is affected.
- Version 17.12.4a is affected.
- Version 17.12.4b is affected.
- Version 17.12.1z3 is affected.
- Version 17.13.1 is affected.
- Version 17.13.1a is affected.
- Version 17.14.1 is affected.
- Version 17.14.1a is affected.
- Version 17.11.99SW is affected.
- Version 17.15.1 is affected.
- Version 17.15.1w is affected.
- Version 17.15.1a is affected.
- Version 17.15.2 is affected.
- Version 17.15.1b is affected.
- Version 17.15.1x is affected.
- Version 17.15.1z is affected.
- Version 17.15.2c is affected.
- Version 17.15.2a is affected.
- Version 17.15.2b is affected.
- Version 17.16.1 is affected.
- Version 17.16.1a is affected.
Exploit Probability
EPSS
0.12%
Percentile
30.33%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.