Unrated severityNVD Advisory· Published Aug 27, 2009· Updated Apr 23, 2026

CVE-2009-2861

Description

The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664.

Affected products

Cisco Systems, Inc./Aironet Ap1100
cpe:2.3:h:cisco:aironet_ap1100:*:*:*:*:*:*:*:*
Cisco Systems, Inc./Aironet Ap1200
cpe:2.3:h:cisco:aironet_ap1200:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

tools.cisco.com/security/center/viewAlert.xnvdPatchVendor Advisory
www.vupen.com/english/advisories/2009/2419nvdVendor Advisory
securitytracker.com/idnvd
www.airmagnet.com/assets/AM_Technote_SkyJack_082509.pdfnvd
www.airmagnet.com/news/press_releases/2009/08252009.phpnvd
www.securityfocus.com/bid/36145nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000