CVE-2025-20189

A vulnerability in the Cisco Express Forwarding functionality of Cisco IOS XE Software for Cisco ASR 903 Aggregation Services Routers with Route Switch Processor 3 (RSP3C) could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper memory management when Cisco IOS XE Software is processing Address Resolution Protocol (ARP) messages. An attacker could exploit this vulnerability by sending crafted ARP messages at a high rate over a period of time to an affected device. A successful exploit could allow the attacker to exhaust system resources, which eventually triggers a reload of the active route switch processor (RSP). If a redundant RSP is not present, the router reloads.

A vulnerability in the Cisco Express Forwarding functionality of Cisco IOS XE Software for Cisco ASR 903 Aggregation Services Routers with Route Switch Processor 3 (RSP3C) could allow an unauthenticated, adjacent attacker to trigger a denial of service (DoS) condition. This vulnerability is due to improper memory management when Cisco IOS XE Software is processing Address Resolution Protocol (ARP) messages. An attacker could exploit this vulnerability by sending crafted ARP messages at a high rate over a period of time to an affected device. A successful exploit could allow the attacker to exhaust system resources, which eventually triggers a reload of the active route switch processor (RSP). If a redundant RSP is not present, the router reloads.

Una vulnerabilidad en la función Cisco Express Forwarding del software Cisco IOS XE para routers de servicios de agregación Cisco ASR 903 con procesador de conmutación de ruta 3 (RSP3C) podría permitir que un atacante adyacente no autenticado active una denegación de servicio (DoS). Esta vulnerabilidad se debe a una gestión de memoria inadecuada cuando el software Cisco IOS XE procesa mensajes del protocolo de resolución de direcciones (ARP). Un atacante podría explotar esta vulnerabilidad enviando mensajes ARP manipulados a alta velocidad durante un período de tiempo a un dispositivo afectado. Una explotación exitosa podría permitir al atacante agotar los recursos del sistema, lo que eventualmente desencadena la recarga del procesador de conmutación de ruta (RSP) activo. Si no hay un RSP redundante, el router se recarga.