Cisco Aironet Access Points Ethernet Wired Clients Denial of Service Vulnerability
Description
A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting as a wired client to the Ethernet interface of an affected device and sending a series of specific packets within a short time frame. A successful exploit could allow the attacker to cause a NULL pointer access that results in a reload of the affected device.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
An unauthenticated, adjacent attacker can cause a Cisco Aironet AP to reload by sending specially crafted Ethernet packets due to insufficient input validation.
Vulnerability
A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software (CVE-2020-3552) allows an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The issue stems from insufficient input validation in the software. Affected versions include multiple Cisco Aironet AP models running vulnerable firmware versions prior to the fixed releases indicated in Cisco Security Advisory cisco-sa-ap-ethport-dos-xtjTt8pY [1].
Exploitation
An attacker can exploit this vulnerability by physically or logically connecting as a wired client to the Ethernet interface of an affected device. The attacker then sends a series of specific packets within a short time frame. No authentication is required; the attacker only needs adjacent network access to the wired port [1].
Impact
A successful exploit triggers a NULL pointer access, causing the affected device to reload. This results in a temporary denial of service (DoS) condition, interrupting wireless and wired network services provided by the access point [1].
Mitigation
Cisco has released free software updates to address the vulnerability. Customers are advised to upgrade to the fixed software versions listed in the advisory. No workaround is available. For customers without service contracts, contacting Cisco TAC is recommended to obtain the upgrade [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Range: n/a
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ap-ethport-dos-xtjTt8pYmitrevendor-advisoryx_refsource_CISCO
News mentions
0No linked articles in our index yet.