Cisco IOS XE Software for Catalyst 9000 Family Wireless Controllers CAPWAP Denial of Service Vulnerabilities

Vulnerability

Multiple vulnerabilities exist in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9000 Family Wireless Controllers [1]. These issues are due to insufficient validation of CAPWAP packets [1]. Affected versions include releases prior to the fixed versions mentioned in the advisory [1].

Exploitation

An unauthenticated, remote attacker can exploit these vulnerabilities by sending a malformed CAPWAP packet to an affected device [1]. No authentication or user interaction is required, and the device must be configured to process CAPWAP packets (which is typical for wireless controller operation) [1].

Impact

A successful exploit could cause the affected device to crash and reload [1]. This results in a denial of service (DoS) condition, disrupting wireless network services [1]. The impact is limited to availability, with no indication of information disclosure or code execution [1].

Mitigation

Cisco has released free software updates to address these vulnerabilities [1]. Fixed versions are available for affected Cisco IOS XE Software releases [1]. Customers should upgrade to the appropriate fixed release as specified in the Cisco Security Advisory [1]. There are no workarounds listed; upgrading is the recommended action [1].