CVE-2024-20496

Name of the Vulnerable Software and Affected Versions Cisco SD-WAN vEdge Software (affected versions not specified)

Description The issue is related to a flaw in the UDP packet validation code, which could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. This is due to incorrect handling of a specific type of malformed UDP packet. An attacker in a machine-in-the-middle position could exploit this by sending crafted UDP packets to an affected device, potentially causing the device to reboot.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.