CVE-2025-20262

A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition. This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes.

CVSS v3 5.0 MEDIUM

5.0^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.1 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh

Configurations

No configuration.

History

No history.

Information

Published : 2025-08-27 17:15

Updated : 2025-08-29 16:24

NVD link : CVE-2025-20262

Mitre link : CVE-2025-20262

CVE.ORG link : CVE-2025-20262

JSON object : View

Products Affected

No product.

CWE

CWE-476

NULL Pointer Dereference

{"id": "CVE-2025-20262", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "psirt@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.0, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 1.4, "exploitabilityScore": 3.1}]}, "published": "2025-08-27T17:15:34.873", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh", "source": "psirt@cisco.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "psirt@cisco.com", "description": [{"lang": "en", "value": "CWE-476"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS) condition.\r\n\r\nThis vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes."}, {"lang": "es", "value": "Una vulnerabilidad en la funci\u00f3n Protocol Independent Multicast Version 6 (PIM6) de los switches Cisco Nexus de las series 3000 y 9000 en modo NX-OS independiente podr\u00eda permitir que un atacante remoto autenticado y con pocos privilegios provoque un bloqueo del proceso PIM6, lo que resulta en una denegaci\u00f3n de servicio (DoS). Esta vulnerabilidad se debe al procesamiento incorrecto de las consultas de datos ef\u00edmeros de PIM6. Un atacante podr\u00eda explotar esta vulnerabilidad enviando una consulta ef\u00edmera manipulada a un dispositivo afectado mediante uno de los siguientes m\u00e9todos: NX-API REST, NETCONF, RESTConf, gRPC o telemetr\u00eda basada en modelos. Una explotaci\u00f3n exitosa podr\u00eda permitir al atacante provocar el bloqueo y reinicio del proceso PIM6, lo que podr\u00eda causar fluctuaciones de adyacencia y una denegaci\u00f3n de servicio (DoS) de PIM6 y los procesos de consulta ef\u00edmera."}], "lastModified": "2025-08-29T16:24:09.860", "sourceIdentifier": "psirt@cisco.com"}