How severe is CVE-2025-20202?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.4 out of 10.

What type of vulnerability is CVE-2025-20202?

This is classified as CWE-805, which is a common weakness in software security.

CVE-2025-20202 - HIGH Severity | CVSS 7.4

Vulnerability Description

A vulnerability in Cisco IOS XE Wireless Controller Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient input validation of access point (AP) Cisco Discovery Protocol (CDP) neighbor reports when they are processed by the wireless controller. An attacker could exploit this vulnerability by sending a crafted CDP packet to an AP. A successful exploit could allow the attacker to cause an unexpected reload of the wireless controller that is managing the AP, resulting in a DoS condition that affects the wireless network.

Related Vulnerabilities

CVE-2023-5396

HIGH

CVSS:7.4(High)

Server receiving a malformed message creates connection for a hostname that may cause a stack overflow resulting in possible remote code execution. See Honeywell Security Notification for recommendati...

CWE-8052023

CVE-2025-20191

HIGH

CVSS:7.4(High)

A vulnerability in the Switch Integrated Security Features (SISF) of Cisco IOS Software, Cisco IOS XE Software, Cisco NX-OS Software, and Cisco Wireless LAN Controller (WLC) AireOS Software could allo...

CWE-8052025

CVE-2025-21591

HIGH

CVSS:7.4(High)

A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled, allows an unauthenticated, adjacent, attacker to send a DHCP...

CWE-8052025

CVE-2020-16101

HIGH

CVSS:7.5(High)

It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service due to an out-of-bounds buffer access. Affected versions are v8.20 prior to v8.20.1166(MR3), ...

CWE-8052020

CVE-2021-31885

HIGH

CVSS:7.5(High)

A vulnerability has been identified in APOGEE MBC (PPC) (BACnet) (All versions), APOGEE MBC (PPC) (P2 Ethernet) (All versions), APOGEE MEC (PPC) (BACnet) (All versions), APOGEE MEC (PPC) (P2 Ethernet)...

CWE-8052021

CVE-2022-47375

HIGH

CVSS:7.5(High)

A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-...

CWE-8052022