CVE-2025-20140

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Software for Wireless LAN Controllers (WLCs) (affected versions not specified)

Description A vulnerability in the Wireless Network Control daemon (wncd) could allow an unauthenticated, adjacent wireless attacker to cause a denial of service (DoS) condition due to improper memory management. An attacker could exploit this vulnerability by sending a series of IPv6 network requests from an associated wireless IPv6 client to an affected device. A successful exploit could allow the attacker to cause the wncd process to consume available memory and eventually cause the device to stop responding, resulting in a DoS condition.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.