CVE-2025-20202

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Wireless Controller Software (affected versions not specified)

Description A vulnerability could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This issue is due to insufficient input validation of access point (AP) Cisco Discovery Protocol (CDP) neighbor reports when they are processed by the wireless controller. An attacker could exploit this by sending a crafted CDP packet to an AP, potentially causing an unexpected reload of the wireless controller and affecting the wireless network.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.