PT-2023-2191 · Cisco · Cisco Business 150+2

Luke Jenkins · Published 2023-03-22 · Updated 2023-04-03 · CVE-2023-20112

CVSS v3.1: 7.4 (High)

Vector: AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco Business 150 versions (affected versions not specified)
Cisco Business 151 Mesh Extenders versions (affected versions not specified)
Cisco Catalyst 9100 versions (affected versions not specified)

Description

The issue is related to a buffer overflow in the software of certain Cisco access points. It could allow a remote attacker to cause a denial of service condition on an affected device. This is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this by sending a wireless 802.11 association request frame with crafted parameters to an affected device, potentially causing an unexpected reload and resulting in a denial of service condition.

Recommendations

For Cisco Business 150, update to a version that fixes the buffer overflow issue.
For Cisco Business 151 Mesh Extenders, update to a version that fixes the buffer overflow issue.
For Cisco Catalyst 9100, update to a version that fixes the buffer overflow issue.
As a temporary workaround, consider restricting access to the affected devices until a patch is available.

Fix

Weakness Enumeration

Out of bounds Read
Buffer Over-read

Related Identifiers

BDU:2023-01936
CVE-2023-20112

Affected Products

Cisco Business 150
Cisco Business 151 Mesh Extenders
Cisco Catalyst 9100