Cisco IOS and IOS XE Software PROFINET Denial of Service Vulnerability
Description
A flaw in Cisco IOS and IOS XE Software's PROFINET handling allows an unauthenticated adjacent attacker to cause a device crash and DoS.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A flaw in Cisco IOS and IOS XE Software's PROFINET handling allows an unauthenticated adjacent attacker to cause a device crash and DoS.
Vulnerability
A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software allows an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The issue is due to insufficient processing logic for crafted PROFINET packets. Affected versions include various releases of Cisco IOS and IOS XE Software; refer to the Cisco Security Advisory for specific versions [1].
Exploitation
An attacker needs to be in the adjacent network (same broadcast domain) and send specially crafted PROFINET packets to the affected device. No authentication is required. The attacker simply transmits the malicious packets, which the device processes incorrectly.
Impact
Successful exploitation results in the device crashing and reloading, leading to a denial of service condition. No code execution or data disclosure is reported.
Mitigation
Cisco has released free software updates to address this vulnerability. Customers should upgrade to the fixed versions indicated in the advisory [1]. There may not be a workaround; the advisory should be consulted for details.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: n/a
Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-profinet-J9QMCHPBmitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.