Cisco Nexus 9000 Series Fabric Switches in ACI Mode Denial-of-Service Vulnerability

Vulnerability

A denial-of-service vulnerability has been identified in Cisco Nexus 9000 Series Fabric Switches operating in ACI mode. This issue allows an unauthenticated, adjacent attacker to cause the affected device to reload unexpectedly, leading to a DoS condition. The vulnerability arises from insufficient validation when processing certain Ethernet frames. Exploitation involves sending a crafted Ethernet frame to the device's out-of-band management interface.

Impact

Exploitation of this vulnerability causes the device to reload unexpectedly, creating a denial-of-service condition.

Remediation

Cisco has released software updates to address this vulnerability. For guidance on determining the best release for Cisco Nexus 9000 Series Switches, refer to the Recommended Releases document available on the Cisco website.

Added: Feb 25, 2026, 11:22 PM
Updated: Feb 25, 2026, 11:22 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 2.5
exploitability: 4.9
remediation: 7.7
relevance: 3.2
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.