=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN355
_____________________________________________________________________

DATE                : 03/04/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Cisco IOS, IOS XE,
                     Secure Firewall Adaptive Security Appliance, and
                     Secure Firewall Threat Defense Software,
                     Cisco IOS XE Software for Catalyst 9000 Series Switches,
                     Cisco IOx Application,
                     Cisco Catalyst SD-WAN Manager.

=====================================================================
https://sec.cloudapps.cisco.com/security/center/publicationListing.x
_____________________________________________________________________

Below is the list of Cisco Security Advisories published by Cisco PSIRT on 2026-March-25.

The following PSIRT security advisories (6 High, 7 Medium) were published at 16:00 UTC today.

Table of Contents:

1) Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability - SIR: High

2) Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability - SIR: High

3) Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability - SIR: High

4) Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability - SIR: High

5) Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability - SIR: High

6) Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability - SIR: High

7) Cisco IOS XE Software Denial of Service Vulnerability - SIR: Medium

8) Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability - SIR: Medium

9) Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability - SIR: Medium

10) Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability - SIR: Medium

11) Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability - SIR: Medium

12) Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability - SIR: Medium

13) Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability - SIR: Medium

+--------------------------------------------------------------------

1) Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family CAPWAP Denial of Service Vulnerability

CVE-2026-20086

SIR: High

CVSS Score v(3.1): 8.6

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-dos-hnX5KGOm

+--------------------------------------------------------------------

2) Cisco IOS XE Software for Catalyst 9000 Series Switches DHCP Snooping Denial of Service Vulnerability

CVE-2026-20084

SIR: High

CVSS Score v(3.1): 8.6

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bootp-WuBhNBxA

+--------------------------------------------------------------------

3) Cisco IOS, IOS XE, Secure Firewall Adaptive Security Appliance, and Secure Firewall Threat Defense Software IKEv2 Denial of Service Vulnerability

CVE-2026-20012

SIR: High

CVSS Score v(3.1): 8.6

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ios-dos-kPEpQGGK

+--------------------------------------------------------------------

4) Cisco IOS Software and IOS XE Software Release 3E HTTP Server Denial of Service Vulnerability

CVE-2026-20125

SIR: High

CVSS Score v(3.1): 7.7

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-http-dos-sbv8XRpL

+--------------------------------------------------------------------

5) Cisco IOS XE Software TLS Memory Exhaustion Denial of Service Vulnerability

CVE-2026-20004

SIR: High

CVSS Score v(3.1): 7.4

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-tls-dos-TVgLDEZL

+--------------------------------------------------------------------

6) Cisco IOS XE Software for Cisco Catalyst and Rugged Series Switches Secure Boot Bypass Vulnerability

CVE-2026-20104

SIR: High

CVSS Score v(3.1): 6.1

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xe-secureboot-bypass-B6uYxYSZ

+--------------------------------------------------------------------

7) Cisco IOS XE Software Denial of Service Vulnerability

CVE-2026-20110

SIR: Medium

CVSS Score v(3.1): 6.5

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mntc-dos-LZweQcyq

+--------------------------------------------------------------------

8) Cisco IOS XE Software Secure Copy Protocol Server Denial of Service Vulnerability

CVE-2026-20083

SIR: Medium

CVSS Score v(3.1): 6.5

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-scp-dos-duAdXtCg

+--------------------------------------------------------------------

9) Cisco IOS XE Software Secure Channel for Meraki Information Disclosure Vulnerability

CVE-2026-20115

SIR: Medium

CVSS Score v(3.1): 6.1

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe_infodis-6J847uEB

+--------------------------------------------------------------------

10) Cisco IOS XE Software Lobby Ambassador Privilege Escalation Vulnerability

CVE-2026-20114

SIR: Medium

CVSS Score v(3.1): 5.4

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-lobby-privesc-KwxBqJy

+--------------------------------------------------------------------

11) Cisco IOx Application Hosting Environment Carriage Return Line Feed Injection Vulnerability

CVE-2026-20113

SIR: Medium

CVSS Score v(3.1): 5.3

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-crlf-NvgKTKJZ

+--------------------------------------------------------------------

12) Cisco IOx Application Hosting Environment Stored Cross-Site Scripting Vulnerability

CVE-2026-20112

SIR: Medium

CVSS Score v(3.1): 4.8

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iox-xss-LpGkzwtJ

+--------------------------------------------------------------------

13) Cisco Catalyst SD-WAN Manager Cross-Site Scripting Vulnerability

CVE-2026-20108

SIR: Medium

CVSS Score v(3.1): 5.4

URL: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-xss-ZqkhP9W9


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================




