CVE-2026-20086

Name of the Vulnerable Software and Affected Versions Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family (affected versions not specified)

Description A flaw exists in how the software processes Control and Provisioning of Wireless Access Points (CAPWAP) packets. This could allow a remote attacker, without needing to authenticate, to disrupt service on a device. The issue stems from the software's inability to correctly handle a specially crafted CAPWAP packet. Sending such a packet could force the device to restart unexpectedly, leading to a denial of service.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.