CVE-2014-3327
Description
A vulnerability in Cisco IOS/IOS XE EnergyWise module allows unauthenticated remote attackers to cause a device reload via a crafted IPv4 packet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A vulnerability in Cisco IOS/IOS XE EnergyWise module allows unauthenticated remote attackers to cause a device reload via a crafted IPv4 packet.
Vulnerability
The vulnerability resides in the EnergyWise module of Cisco IOS versions 12.2, 15.0, 15.1, 15.2, 15.4 and IOS XE versions 3.2.xXO, 3.3.xSG, 3.4.xSG, 3.5.xE before 3.5.3E. It is caused by improper parsing of crafted EnergyWise packets. The EnergyWise feature is not enabled by default; devices must be configured with an EnergyWise domain (e.g., via the energywise domain command) to be vulnerable [1].
Exploitation
An unauthenticated remote attacker can exploit this vulnerability by sending a specially crafted IPv4 EnergyWise packet to an affected device. No authentication or user interaction is required. The packet triggers a parsing error that causes the device to reload [1].
Impact
Successful exploitation results in a denial of service (DoS) condition, causing the device to reload and temporarily disrupting network services. No code execution, privilege escalation, or data disclosure is described [1].
Mitigation
Cisco has released software updates to address this vulnerability. There are no workarounds. Administrators should upgrade to fixed versions as indicated in the Cisco Security Advisory [1]. This vulnerability is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog.
AI Insight generated on May 23, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
19cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:15.0:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:15.1:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:15.2:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios:15.4:*:*:*:*:*:*:*
- (no CPE)range: <=15.4 and 12.2,15.0,15.1,15.2,15.4
cpe:2.3:o:cisco:ios_xe:3.2.00.xo.15.0\(2\)xo:*:*:*:*:*:*:*+ 12 more
- cpe:2.3:o:cisco:ios_xe:3.2.00.xo.15.0\(2\)xo:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.2.0xo:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.3.0sg:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.3.1sg:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.4.0sg:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.4.1sg:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.4.2sg:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.4.3sg:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.4.4sg:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.5.0e:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.5.1e:*:*:*:*:*:*:*
- cpe:2.3:o:cisco:ios_xe:3.5.2e:*:*:*:*:*:*:*
- (no CPE)range: <=3.5.3E (3.2.xXO, 3.3.xSG, 3.4.xSG, 3.5.xE before 3.5.3E)
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140806-energywisenvdVendor Advisory
- www.securitytracker.com/id/1030682nvdThird Party AdvisoryVDB Entry
- www.securityfocus.com/bid/69066nvdVDB Entry
- secunia.com/advisories/60650nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/95137nvd
News mentions
0No linked articles in our index yet.