LeakyCreds

CVE-2026-20084 - Vulnerability Analysis

High | CVSS: 8.6

Last Updated: March 26, 2026

Cisco IOS XE - Denial of Service

Published: March 25, 2026 | Updated: March 26, 2026 | Remotely Exploitable

Overview

Cisco IOS XE Software contains a denial of service vulnerability caused by improper handling of BOOTP packets in DHCP snooping on Catalyst 9000 Series Switches. It lets unauthenticated remote attackers cause BOOTP packets to be forwarded between VLANs. Exploitation requires sending crafted BOOTP request packets.

Severity & Score

Severity: High
CVSS Score: 8.6
EPSS Score: 10.6% (Probability of exploitation in next 30 days)

Impact

Attackers can cause high CPU utilization and device unreachability, resulting in denial of service.

Mitigation

Apply available workarounds or update to the latest Cisco IOS XE Software version.

Social Media Activity (1 post)

TheHackerWire
@thehackerwire
Mar 25, 2026

🟠 CVE-2026-20084 - High (8.6) A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service (DoS) condition. This vulnerability is... 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20084/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

Details

CVE ID: CVE-2026-20084
Severity: High
CVSS Score: 8.6
Type: denial_of_service
Status: unconfirmed
EPSS: 10.6%
Social Posts: 1

CWE

  • CWE-400

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

EPSS Score

10.6% (Probability of exploitation in the next 30 days)