CVE-2025-20140

A vulnerability in the Wireless Network Control daemon (wncd) of Cisco IOS XE Software for Wireless LAN Controllers (WLCs) could allow an unauthenticated, adjacent wireless attacker to cause a denial of service (DoS) condition.

 This vulnerability is due to improper memory management. An attacker could exploit this vulnerability by sending a series of IPv6 network requests from an associated wireless IPv6 client to an affected device. To associate a client to a device, an attacker may first need to authenticate to the network, or associate freely in the case of a configured open network. A successful exploit could allow the attacker to cause the wncd process to consume available memory and eventually cause the device to stop responding, resulting in a DoS condition.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.4 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
ciscoCNA
7.4 HIGH
ADJACENT_NETWORK
LOW
NONE
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
VendorProductVersion
ciscoios_xe
16.4.1
ciscoios_xe
16.4.2
ciscoios_xe
16.4.3
ciscoios_xe
16.5.1
ciscoios_xe
16.5.1a:a
ciscoios_xe
16.5.1b:b
ciscoios_xe
16.5.2
ciscoios_xe
16.5.3
ciscoios_xe
16.6.1
ciscoios_xe
16.6.2
ciscoios_xe
16.6.3
ciscoios_xe
16.6.4
ciscoios_xe
16.6.4a:a
ciscoios_xe
16.6.5
ciscoios_xe
16.6.5a:a
ciscoios_xe
16.6.6
ciscoios_xe
16.6.7
ciscoios_xe
16.6.8
ciscoios_xe
16.6.9
ciscoios_xe
16.6.10
ciscoios_xe
16.7.1
ciscoios_xe
16.7.1a:a
ciscoios_xe
16.7.1b:b
ciscoios_xe
16.7.2
ciscoios_xe
16.7.3
ciscoios_xe
16.7.4
ciscoios_xe
16.8.1
ciscoios_xe
16.8.1a:a
ciscoios_xe
16.8.1b:b
ciscoios_xe
16.8.1c:c
ciscoios_xe
16.8.1d:d
ciscoios_xe
16.8.1e:e
ciscoios_xe
16.8.1s:s
ciscoios_xe
16.8.2
ciscoios_xe
16.8.3
ciscoios_xe
16.9.1
ciscoios_xe
16.9.1a:a
ciscoios_xe
16.9.1b:b
ciscoios_xe
16.9.1s:s
ciscoios_xe
16.9.2
ciscoios_xe
16.9.3
ciscoios_xe
16.9.3a:a
ciscoios_xe
16.9.4
ciscoios_xe
16.9.5
ciscoios_xe
16.9.5f:f
ciscoios_xe
16.9.6
ciscoios_xe
16.9.7
ciscoios_xe
16.9.8
ciscoios_xe
16.10.1
ciscoios_xe
16.10.1a:a
ciscoios_xe
16.10.1b:b
ciscoios_xe
16.10.1c:c
ciscoios_xe
16.10.1d:d
ciscoios_xe
16.10.1e:e
ciscoios_xe
16.10.1f:f
ciscoios_xe
16.10.1g:g
ciscoios_xe
16.10.1s:s
ciscoios_xe
16.10.2
ciscoios_xe
16.10.3
ciscoios_xe
16.11.1
ciscoios_xe
16.11.1a:a
ciscoios_xe
16.11.1b:b
ciscoios_xe
16.11.1s:s
ciscoios_xe
16.11.2
ciscoios_xe
16.12.1
ciscoios_xe
16.12.1a:a
ciscoios_xe
16.12.1c:c
ciscoios_xe
16.12.1s:s
ciscoios_xe
16.12.1t:t
ciscoios_xe
16.12.1w:w
ciscoios_xe
16.12.1x:x
ciscoios_xe
16.12.1y:y
ciscoios_xe
16.12.1z1:z1
ciscoios_xe
16.12.1z2:z2
ciscoios_xe
16.12.2
ciscoios_xe
16.12.2a:a
ciscoios_xe
16.12.2s:s
ciscoios_xe
16.12.3
ciscoios_xe
16.12.3a:a
ciscoios_xe
16.12.3s:s
ciscoios_xe
16.12.4
ciscoios_xe
16.12.4a:a
ciscoios_xe
16.12.5
ciscoios_xe
16.12.5a:a
ciscoios_xe
16.12.5b:b
ciscoios_xe
16.12.6
ciscoios_xe
16.12.6a:a
ciscoios_xe
16.12.7
ciscoios_xe
16.12.8
ciscoios_xe
16.12.9
ciscoios_xe
16.12.10
ciscoios_xe
16.12.10a:a
ciscoios_xe
16.12.11
ciscoios_xe
16.12.12
ciscoios_xe
17.1.1
ciscoios_xe
17.1.1a:a
ciscoios_xe
17.1.1s:s
ciscoios_xe
17.1.1t:t
ciscoios_xe
17.1.3
ciscoios_xe
17.2.1
ciscoios_xe
17.2.1a:a
ciscoios_xe
17.2.1r:r
ciscoios_xe
17.2.1v:v
ciscoios_xe
17.2.2
ciscoios_xe
17.2.3
ciscoios_xe
17.3.1
ciscoios_xe
17.3.1a:a
ciscoios_xe
17.3.1w:w
ciscoios_xe
17.3.1x:x
ciscoios_xe
17.3.1z:z
ciscoios_xe
17.3.2
ciscoios_xe
17.3.2a:a
ciscoios_xe
17.3.3
ciscoios_xe
17.3.4
ciscoios_xe
17.3.4a:a
ciscoios_xe
17.3.4b:b
ciscoios_xe
17.3.4c:c
ciscoios_xe
17.3.5
ciscoios_xe
17.3.5a:a
ciscoios_xe
17.3.5b:b
ciscoios_xe
17.3.6
ciscoios_xe
17.3.7
ciscoios_xe
17.3.8
ciscoios_xe
17.3.8a:a
ciscoios_xe
17.4.1
ciscoios_xe
17.4.1a:a
ciscoios_xe
17.4.1b:b
ciscoios_xe
17.4.2
ciscoios_xe
17.4.2a:a
ciscoios_xe
17.5.1
ciscoios_xe
17.5.1a:a
ciscoios_xe
17.6.1
ciscoios_xe
17.6.1a:a
ciscoios_xe
17.6.1w:w
ciscoios_xe
17.6.1x:x
ciscoios_xe
17.6.1y:y
ciscoios_xe
17.6.1z:z
ciscoios_xe
17.6.1z1:z1
ciscoios_xe
17.6.2
ciscoios_xe
17.6.3
ciscoios_xe
17.6.3a:a
ciscoios_xe
17.6.4
ciscoios_xe
17.6.5
ciscoios_xe
17.6.5a:a
ciscoios_xe
17.6.6
ciscoios_xe
17.6.6a:a
ciscoios_xe
17.6.7
ciscoios_xe
17.6.8
ciscoios_xe
17.6.8a:a
ciscoios_xe
17.7.1
ciscoios_xe
17.7.1a:a
ciscoios_xe
17.7.1b:b
ciscoios_xe
17.7.2
ciscoios_xe
17.8.1
ciscoios_xe
17.8.1a:a
ciscoios_xe
17.9.1
ciscoios_xe
17.9.1a:a
ciscoios_xe
17.9.1w:w
ciscoios_xe
17.9.1x:x
ciscoios_xe
17.9.1x1:x1
ciscoios_xe
17.9.1y:y
ciscoios_xe
17.9.1y1:y1
ciscoios_xe
17.9.2
ciscoios_xe
17.9.2a:a
ciscoios_xe
17.9.3
ciscoios_xe
17.9.3a:a
ciscoios_xe
17.9.4
ciscoios_xe
17.9.4a:a
ciscoios_xe
17.9.5
ciscoios_xe
17.9.5a:a
ciscoios_xe
17.9.5b:b
ciscoios_xe
17.9.5e:e
ciscoios_xe
17.9.5f:f
ciscoios_xe
17.10.1
ciscoios_xe
17.10.1a:a
ciscoios_xe
17.10.1b:b
ciscoios_xe
17.11.1
ciscoios_xe
17.11.1a:a
ciscoios_xe
17.11.99sw:sw
ciscoios_xe
17.12.1
ciscoios_xe
17.12.1a:a
ciscoios_xe
17.12.1w:w
ciscoios_xe
17.12.1x:x
ciscoios_xe
17.12.1y:y
ciscoios_xe
17.12.1z:z
ciscoios_xe
17.12.1z1:z1
ciscoios_xe
17.12.2
ciscoios_xe
17.12.2a:a
ciscoios_xe
17.12.3
ciscoios_xe
17.12.3a:a
ciscoios_xe
17.13.1
ciscoios_xe
17.13.1a:a
ciscoios_xe
17.14.1
ciscoios_xe
17.14.1a:a
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wlc-wncd-p6Gvt6HL