CVE-2022-20849

CVSS 3.1 Score 6.1 of 10 (medium)

Details

Published Nov 15, 2024

CWE ID 391

Summary

CVE-2022-20849 is a vulnerability affecting the PPPoE feature in Cisco IOS XR Software. An unauthenticated, adjacent attacker can exploit this issue by sending specific packets, causing the PPPoE process to continually crash. The error condition in the affected packets is not handled properly by the software, leading to a denial of service (DoS) condition. Cisco has released software updates to address this vulnerability, and there are currently no workarounds available. This issue was disclosed in the September 2022 Cisco IOS XR Software Security Advisory Bundled Publication.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Cisco IOS

Affected Vendors

Cisco Systems Inc

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Threats to the 2025 NATO Summit

Artificial Eyes: Generative AI in China’s Military Intelligence

Know What Matters

For Customers

For Partners