Cisco ASA, FTD Software Critical DoS Vulnerability CVE-2024-20353
Key Takeaways Cisco has disclosed a critical denial-of-service vulnerability affecting its Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO) software. The flaw,...
Key Takeaways
- Cisco has disclosed a critical denial-of-service vulnerability affecting its Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO) software.
- The flaw, CVE-2026-20188, carries a CVSS score of 7.5 and allows unauthenticated, remote attackers to trigger a complete system outage.
- Exploitation involves overwhelming affected systems with connection requests, leading to resource exhaustion and requiring a manual reboot.
- No workarounds exist; immediate software upgrades to patched versions are the only mitigation.
Cisco Critical DoS Vulnerability Impacts Network Management Platforms
Cisco has released a critical security advisory detailing a high-severity vulnerability that could lead to denial-of-service (DoS) conditions in its Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO) platforms. This flaw, identified as CVE-2026-20188 with a CVSS base score of 7.5, presents a significant threat to network infrastructure managed by these systems.
Table Of Content
The vulnerability enables unauthenticated, remote attackers to initiate a severe DoS state on targeted devices. It stems from an uncontrolled resource consumption issue, categorized as CWE-400, where the affected software lacks adequate rate-limiting mechanisms for incoming network connections.
Attackers can exploit this by sending a continuous, high volume of connection requests to a vulnerable server. Since the software cannot properly manage or throttle these requests, it rapidly exhausts all available connection resources. This resource depletion renders the Cisco CNC and NSO systems entirely unresponsive, effectively locking out legitimate network administrators and disrupting critical network services.
Recovery from such an attack is not automatic. IT personnel must perform a manual system reboot to clear the exhausted resources and restore normal network operations. The underlying cause of this vulnerability, internally tracked as Cisco Bug ID CSCwr08237, lies within the connection-handling components of both software platforms.
Affected Versions and Remediation
Organizations utilizing Cisco Crosswork Network Controller and Network Services Orchestrator are strongly advised to audit their deployments for exposure. For the Cisco Crosswork Network Controller, all software versions up to and including 7.1 are susceptible. Administrators must upgrade to CNC version 7.2 or later, as this release is confirmed to be unaffected.
The impact on Cisco Network Services Orchestrator spans multiple release trains. Deployments running NSO version 6.3 or earlier are highly vulnerable and require an immediate upgrade. The 6.4 release branch is also affected, but Cisco has provided a patch starting with software update 6.4.1.3. Organizations operating NSO version 6.5 or newer are already protected and do not need to take further action.
Cisco’s Product Security Incident Response Team (PSIRT) discovered this vulnerability internally during the resolution of a routine Technical Assistance Center (TAC) support case. As of now, there is no evidence of public proof-of-concept exploits or active malicious exploitation in the wild.
Despite the absence of active exploitation, the risk remains substantial due to the complete lack of available workarounds. Administrators cannot implement configuration changes or temporary network rules to prevent resource exhaustion without compromising legitimate functionality. Consequently, upgrading to the officially fixed software releases is the only effective strategy to secure vulnerable networks. Cisco urges all affected customers to schedule maintenance windows and apply the necessary updates without delay to prevent potential service disruptions.
What You Should Do
- Immediately identify all instances of Cisco Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO) in your environment.
- For Cisco CNC, upgrade all versions 7.1 and earlier to version 7.2 or a later release.
- For Cisco NSO, upgrade all versions 6.3 and earlier to a patched release. For the 6.4 branch, ensure you are running version 6.4.1.3 or higher. Versions 6.5 and later are already secure.
- Since no workarounds exist, prioritize these upgrades as the sole mitigation strategy.
- Monitor Cisco’s security advisories for any further updates or emerging threats related to these platforms.
Disclaimer: HackersRadar reports on cybersecurity threats and incidents for informational and awareness purposes only. We do not engage in hacking activities, data exfiltration, or the hosting or distribution of stolen or leaked information. All content is based on publicly available sources.



No Comment! Be the first one.