Cisco IOS and IOS XE Software Change of Authorization Denial of Service Vulnerability
Description
A vulnerability in Cisco TrustSec RADIUS CoA code allows unauthenticated remote attackers to cause a denial of service via malformed packet.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A vulnerability in Cisco TrustSec RADIUS CoA code allows unauthenticated remote attackers to cause a denial of service via malformed packet.
Vulnerability
The vulnerability exists in the RADIUS Change of Authorization (CoA) code of Cisco TrustSec, a feature within Cisco IOS XE Software. It is due to improper handling of a malformed packet. Affected devices are those running Cisco IOS XE Software with TrustSec configured. Specific affected versions can be identified via the Cisco IOS Software Checker [1].
Exploitation
An unauthenticated, remote attacker can exploit this vulnerability by sending a specially crafted malformed packet to an affected device. No authentication or prior access is required [1].
Impact
Successful exploitation causes a denial of service (DoS) condition on the affected device, disrupting normal operation [1].
Mitigation
Cisco has released software updates to address this vulnerability. Customers should consult the Cisco Security Advisory [1] and use the Cisco IOS Software Checker to determine the appropriate fixed release for their software version.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
3- Range: unspecified
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190925-tsecmitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.