Vulnerable products and fixes: Cisco has addressed all four CVEs in its March 25 semiannual Cisco IOS and IOS XE Software Security Advisory. Although none of the individual CVSS scores are high (ranging from 4.8 for CVE-2026-20112 to 6.5 for CVE-2026-20110), the danger is amplified by the way the first two can be chained.

Cisco’s Software Checker tool can be used to determine whether a switch is vulnerable by entering the software/firmware version currently in use.

No workarounds are possible for CVE-2026-20114, CVE-2026-20112, or CVE-2026-20113. The highest-rated flaw, CVE-2026-20110, can be mitigated by setting the privilege level of the ‘start maintenance’ command manually from the command line interface, Cisco said.

In February, Cisco made public a different series of vulnerabilities affecting the Catalyst SD-WAN Manager: CVE-2026-20122, CVE-2026-20126, and CVE-2026-20128. These allowed an attacker to elevate themselves to root and were assigned a CVSS score of 9.8 (‘critical’) with no workarounds possible.

That same month Cisco also patched a vulnerability in its Catalyst SD-WAN Controller, CVE-2026-20127.

This article first appeared on Network World.
First seen on csoonline.com
Jump to article: www.csoonline.com/article/4150185/chained-vulnerabilities-in-cisco-catalyst-switches-could-induce-denial-of-service-2.html

