CVE-2026-20110

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incorrect privileges are associated with the start maintenance command. An attacker could exploit this vulnerability by accessing the management CLI of the affected device as a low-privileged user and using the start maintenance command. A successful exploit could allow the attacker to put the device in maintenance mode, which shuts down interfaces, resulting in a denial of service (DoS) condition. In case of exploitation, a device administrator can connect to the CLI and use the stop maintenance command to restore operations.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.0 / Impact : 4.0

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mntc-dos-LZweQcyq

Configurations

No configuration.

History

No history.

Information

Published : 2026-03-25 16:16

Updated : 2026-03-26 15:13

NVD link : CVE-2026-20110

Mitre link : CVE-2026-20110

CVE.ORG link : CVE-2026-20110

JSON object : View

Products Affected

No product.

CWE

CWE-266

Incorrect Privilege Assignment

{"id": "CVE-2026-20110", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "psirt@cisco.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 4.0, "exploitabilityScore": 2.0}]}, "published": "2026-03-25T16:16:14.630", "references": [{"url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mntc-dos-LZweQcyq", "source": "psirt@cisco.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Primary", "source": "psirt@cisco.com", "description": [{"lang": "en", "value": "CWE-266"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability exists because incorrect privileges are associated with the start maintenance command. An attacker could exploit this vulnerability by accessing the management CLI of the affected device as a low-privileged user and using the start maintenance command. A successful exploit could allow the attacker to put the device in maintenance mode, which shuts down interfaces, resulting in a denial of service (DoS) condition. In case of exploitation, a device administrator can connect to the CLI and use the stop maintenance command to restore operations."}, {"lang": "es", "value": "Una vulnerabilidad en la CLI de Cisco IOS XE Software podr\u00eda permitir a un atacante autenticado y local causar una condici\u00f3n de denegaci\u00f3n de servicio (DoS) en un dispositivo afectado. Esta vulnerabilidad existe porque se asocian privilegios incorrectos con el comando start maintenance. Un atacante podr\u00eda explotar esta vulnerabilidad al acceder a la CLI de gesti\u00f3n del dispositivo afectado como un usuario con pocos privilegios y usar el comando start maintenance. Un exploit exitoso podr\u00eda permitir al atacante poner el dispositivo en modo de mantenimiento, lo que apaga las interfaces, resultando en una condici\u00f3n de denegaci\u00f3n de servicio (DoS). En caso de explotaci\u00f3n, un administrador del dispositivo puede conectarse a la CLI y usar el comando stop maintenance para restaurar las operaciones."}], "lastModified": "2026-03-26T15:13:15.790", "sourceIdentifier": "psirt@cisco.com"}