Cisco Aironet Series Access Points Quality of Service Denial of Service Vulnerability
Description
A vulnerability in the quality of service (QoS) feature of Cisco Aironet Series Access Points (APs) could allow an authenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper input validation on QoS fields within Wi-Fi frames by the affected device. An attacker could exploit this vulnerability by sending malformed Wi-Fi frames to an affected device. A successful exploit could allow the attacker to cause the affected device to crash, resulting in a DoS condition.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Improper QoS input validation in Cisco Aironet Series APs allows an authenticated adjacent attacker to crash the device via malformed Wi-Fi frames.
Vulnerability
The vulnerability exists in the quality of service (QoS) feature of Cisco Aironet Series Access Points. Improper input validation on QoS fields within Wi-Fi frames allows a malformed frame to cause a crash. Affected products include Aironet 1560, 2800, 3800, and 4800 Series APs [1].
Exploitation
An attacker must be authenticated and have adjacent access (within Wi-Fi range) to the affected AP. The exploit involves sending specially crafted, malformed Wi-Fi frames that contain malformed QoS fields to the target device [1].
Impact
A successful exploit causes the affected AP to crash, resulting in a denial of service (DoS) condition. Network services provided by the AP are disrupted until the device is recovered [1].
Mitigation
Cisco has released fixed software versions as indicated in the associated Cisco bug IDs. The advisory provides no workarounds. Administrators should upgrade to the latest available firmware for their AP model as specified in the advisory [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: 8.5
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190417-aap-dosmitrevendor-advisoryx_refsource_CISCO
- www.securityfocus.com/bid/107988mitrevdb-entryx_refsource_BID
News mentions
0No linked articles in our index yet.