Cisco Aironet Access Points Bridge Protocol Data Unit Port Disable Denial of Service Vulnerability
Description
A vulnerability in the bridge protocol data unit (BPDU) forwarding functionality of Cisco Aironet Access Points (APs) could allow an unauthenticated, adjacent attacker to cause an AP port to go into an error disabled state. The vulnerability occurs because BPDUs received from specific wireless clients are forwarded incorrectly. An attacker could exploit this vulnerability on the wireless network by sending a steady stream of crafted BPDU frames. A successful exploit could allow the attacker to cause a limited denial of service (DoS) attack because an AP port could go offline.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A flaw in BPDU forwarding on Cisco Aironet APs allows an unauthenticated, adjacent attacker to send crafted frames, causing a port to enter an error-disabled state and resulting in a limited DoS.
Vulnerability
A vulnerability exists in the bridge protocol data unit (BPDU) forwarding functionality of Cisco Aironet Access Points (APs). It occurs because BPDUs received from specific wireless clients are forwarded incorrectly. An unauthenticated, adjacent attacker can exploit this by sending a steady stream of crafted BPDU frames on the wireless network. The vulnerability affects Aironet 1540, 1560, 1800, 2800, and 3800 Series APs running a vulnerable software release, with the first vulnerable release being 8.5 [1].
Exploitation
The attacker must be within the wireless range of the target AP (adjacent network access) and requires no authentication. The exploitation involves sending a continuous stream of specially crafted BPDU frames to the AP. The AP then incorrectly forwards these frames, causing the targeted port to enter an error-disabled state [1].
Impact
Successful exploitation results in a limited denial of service (DoS) condition, as the affected AP port goes offline. This disrupts network connectivity for clients associated with that port, but does not lead to information disclosure, privilege escalation, or remote code execution [1].
Mitigation
Cisco has released software updates to address this vulnerability. The advisory recommends consulting the Cisco Security Advisory for the latest fixed releases [1]. A workaround is available: reconfigure the Aironet AP port from spanning-tree bpduguard enable to spanning-tree bpdu filtering [1].
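A detection example for the impact described above, added here and not taken from the advisory or any Cisco tooling: it scans switch syslog for BPDU Guard err-disable events on AP-facing ports and marks ports that trip repeatedly. It assumes the upstream switch emits the standard IOS %PM-4-ERR_DISABLE bpduguard message; the log lines, hostnames and the AP_PORTS inventory are constructed.

```python
import re
from collections import Counter

# Standard IOS message emitted when BPDU Guard err-disables a port.
ERR_DISABLE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<host>\S+)\s+.*%PM-4-ERR_DISABLE: bpduguard error detected on "
    r"(?P<port>\S+), putting \S+ in err-disable state"
)

# Constructed inventory (assumption): switch ports with an Aironet AP attached.
AP_PORTS = {("sw-access-01", "Gi1/0/5"), ("sw-access-02", "Gi1/0/12")}

# Constructed sample syslog lines, not taken from any real device.
SAMPLE_LOG = """\
2019-10-20T09:14:02Z sw-access-01 %SPANTREE-2-BLOCK_BPDUGUARD: Received BPDU on port Gi1/0/5 with BPDU Guard enabled. Disabling port.
2019-10-20T09:14:02Z sw-access-01 %PM-4-ERR_DISABLE: bpduguard error detected on Gi1/0/5, putting Gi1/0/5 in err-disable state
2019-10-20T09:19:03Z sw-access-01 %PM-4-ERR_RECOVER: Attempting to recover from bpduguard err-disable state on Gi1/0/5
2019-10-20T09:19:05Z sw-access-01 %PM-4-ERR_DISABLE: bpduguard error detected on Gi1/0/5, putting Gi1/0/5 in err-disable state
2019-10-20T10:02:41Z sw-access-03 %PM-4-ERR_DISABLE: bpduguard error detected on Gi1/0/7, putting Gi1/0/7 in err-disable state
2019-10-20T10:05:00Z sw-access-02 %LINK-3-UPDOWN: Interface Gi1/0/12, changed state to up
"""


def find_ap_port_errdisable(log_text, ap_ports=AP_PORTS, repeat_threshold=2):
    """Summarise BPDU Guard err-disable events per AP-facing (host, port)."""
    counts, first, last = Counter(), {}, {}
    for line in log_text.splitlines():
        m = ERR_DISABLE.match(line)
        if not m:
            continue
        key = (m["host"], m["port"])
        if key not in ap_ports:
            continue  # BPDU Guard trip on a non-AP port: separate triage path
        counts[key] += 1
        first.setdefault(key, m["ts"])
        last[key] = m["ts"]
    # "repeated" marks ports that tripped again after recovery, which is what
    # a steady stream of forwarded BPDUs would produce.
    return {k: {"count": n, "first": first[k], "last": last[k],
                "repeated": n >= repeat_threshold} for k, n in counts.items()}


if __name__ == "__main__":
    for (host, port), info in find_ap_port_errdisable(SAMPLE_LOG).items():
        print(host, port, info)
```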
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products (2)
- Range: unspecified
References
[1] tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20191016-airo-dos (mitre, vendor-advisory, x_refsource_CISCO)