PT-2024-6450 · Cisco · Cisco IOS XE

Published: 2024-09-25 · Updated: 2024-10-03 · CVE-2024-20480

CVSS v3.1: 8.6 High

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

Cisco IOS XE Software (affected versions not specified)

Description

The issue is a logic error in the DHCP Snooping feature of Cisco IOS XE Software, caused by improper handling of IPv4 DHCP packets. It could allow a remote attacker to cause high CPU utilization on an affected device, resulting in a denial of service (DoS) condition that requires a manual reload to recover. An attacker could exploit this by sending certain IPv4 DHCP packets to an affected device, potentially causing the device to exhaust CPU resources and stop processing traffic.

Recommendations

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Weakness Enumeration

Related Identifiers

BDU:2024-07536
CVE-2024-20480

Affected Products

Cisco IOS XE