VDB

CVE-2024-20327

CVE-2024-20327 PUBLISHED

There is a vulnerability in Cisco IOS XR. This flaw exists in the PPP over Ethernet (PPPoE) termination feature due to the improper handling of malformed PPPoE packets. By sending a crafted PPPoE packet to an affected line card interface, an adjacent, anonymous attacker can exploit this vulnerability to cause a Denial of Service condition.

EPSS 0.07% · 21.4th percentile

Risk Scores

EPSS Score
0.07%
21.4th percentile

Affected Products

VendorProductVersions
CiscoCisco IOS XR <7.9.2
CiscoCisco IOS XR <7.10.1
CiscoCisco IOS XR <7.11.1
CiscoCisco IOS XR <7.9.21

Exploit Intelligence

Timeline

  • Mar 13, 2024 CVE Published
  • Mar 13, 2024 PoC Published
  • Mar 13, 2024 PoC Published
  • Mar 14, 2024 EPSS Score
  • Mar 15, 2024 PoC Published
  • Mar 15, 2024 PoC Published
  • Apr 9, 2024 EPSS Score
  • May 5, 2024 EPSS Score
  • May 31, 2024 EPSS Score
  • Jun 27, 2024 EPSS Score
  • Jul 23, 2024 EPSS Score
  • Aug 1, 2024 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›