Cisco IOS XE Software Catalyst 9800 Series Wireless Controllers Denial of Service Vulnerability

Vulnerability

A memory leak vulnerability exists in the Locally Significant Certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers running Cisco IOS XE Software. The flaw is due to incorrect processing of certain Public Key Infrastructure (PKI) packets. An unauthenticated, remote attacker can trigger this by sending crafted Secure Sockets Layer (SSL) packets to an affected device. The vulnerability affects all releases prior to the fixed versions mentioned in Cisco Security Advisory cisco-sa-iosxe-ewlc-dos-TkuPVmZN [1].

Exploitation

No authentication or prior access is required. The attacker only needs network connectivity to send specially crafted SSL packets to the target wireless controller. By repeatedly sending such packets, the device's memory consumption increases without bound [1].

Impact

Successful exploitation results in continuous memory consumption, eventually causing a memory allocation failure that leads to a system crash and a denial of service (DoS) condition. The controller becomes unavailable until manually recovered [1].

Mitigation

Cisco has released free software updates to address this vulnerability. Customers with valid service contracts should upgrade to the fixed version specified in the advisory. No workarounds are available; however, the advisory recommends restricting network access to the affected devices as a best practice [1].