CVE-2026-20083

EUVD-2026-15429
A vulnerability in the Secure Copy Protocol (SCP) server feature of Cisco IOS XE Software could allow an authenticated, local attacker with low privileges to cause a denial of service (DoS) condition on an affected device.

 This vulnerability is due to improper handling of a malformed SCP request. An attacker could exploit this vulnerability by issuing a crafted command through SSH. A successful exploit could allow the attacker to cause the device to reload unexpectedly, resulting in a DoS condition.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
ciscoCNA
6.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ciscoios_xe
3.5.0E
ciscoios_xe
3.5.1E
ciscoios_xe
3.5.2E
ciscoios_xe
3.5.3E
ciscoios_xe
3.11.1S
ciscoios_xe
3.11.2S
ciscoios_xe
3.11.0S
ciscoios_xe
3.11.3S
ciscoios_xe
3.11.4S
ciscoios_xe
3.12.0S
ciscoios_xe
3.12.1S
ciscoios_xe
3.12.2S
ciscoios_xe
3.12.3S
ciscoios_xe
3.12.4S
ciscoios_xe
3.13.0S
ciscoios_xe
3.13.1S
ciscoios_xe
3.13.2S
ciscoios_xe
3.13.3S
ciscoios_xe
3.13.4S
ciscoios_xe
3.13.5S
ciscoios_xe
3.13.6S
ciscoios_xe
3.13.7S
ciscoios_xe
3.6.0E
ciscoios_xe
3.6.1E
ciscoios_xe
3.6.2E
ciscoios_xe
3.6.3E
ciscoios_xe
3.6.4E
ciscoios_xe
3.6.5E
ciscoios_xe
3.6.6E
ciscoios_xe
3.14.0S
ciscoios_xe
3.14.1S
ciscoios_xe
3.14.2S
ciscoios_xe
3.14.3S
ciscoios_xe
3.14.4S
ciscoios_xe
3.15.0S
ciscoios_xe
3.15.1S
ciscoios_xe
3.15.2S
ciscoios_xe
3.15.3S
ciscoios_xe
3.15.4S
ciscoios_xe
3.7.0E
ciscoios_xe
3.7.1E
ciscoios_xe
3.7.2E
ciscoios_xe
3.7.3E
ciscoios_xe
3.7.4E
ciscoios_xe
3.7.5E
ciscoios_xe
3.16.0S
ciscoios_xe
3.16.1S
ciscoios_xe
3.16.2S
ciscoios_xe
3.16.3S
ciscoios_xe
3.16.4S
ciscoios_xe
3.16.5S
ciscoios_xe
3.17.0S
ciscoios_xe
3.17.1S
ciscoios_xe
3.17.2S
ciscoios_xe
3.17.3S
ciscoios_xe
3.8.0E
ciscoios_xe
3.8.1E
ciscoios_xe
3.8.2E
ciscoios_xe
3.8.3E
ciscoios_xe
3.18.0S
ciscoios_xe
3.18.1S
ciscoios_xe
3.18.2S
ciscoios_xe
3.9.0E
ciscoios_xe
3.9.1E
ciscoios_xe
16.6.1
ciscoios_xe
16.6.2
ciscoios_xe
16.6.3
ciscoios_xe
16.6.4
ciscoios_xe
16.6.5
ciscoios_xe
16.6.4a
ciscoios_xe
16.6.5a
ciscoios_xe
16.6.6
ciscoios_xe
16.6.7
ciscoios_xe
16.6.8
ciscoios_xe
16.6.9
ciscoios_xe
16.6.10
ciscoios_xe
16.7.1
ciscoios_xe
16.7.1a
ciscoios_xe
16.7.1b
ciscoios_xe
16.7.2
ciscoios_xe
16.7.3
ciscoios_xe
16.7.4
ciscoios_xe
16.8.1
ciscoios_xe
16.8.1a
ciscoios_xe
16.8.1b
ciscoios_xe
16.8.1s
ciscoios_xe
16.8.1c
ciscoios_xe
16.8.1d
ciscoios_xe
16.8.2
ciscoios_xe
16.8.1e
ciscoios_xe
16.8.3
ciscoios_xe
16.9.1
ciscoios_xe
16.9.2
ciscoios_xe
16.9.1a
ciscoios_xe
16.9.1b
ciscoios_xe
16.9.1s
ciscoios_xe
16.9.3
ciscoios_xe
16.9.4
ciscoios_xe
16.9.3a
ciscoios_xe
16.9.5
ciscoios_xe
16.9.5f
ciscoios_xe
16.9.6
ciscoios_xe
16.9.7
ciscoios_xe
16.9.8
ciscoios_xe
16.10.1
ciscoios_xe
16.10.1a
ciscoios_xe
16.10.1b
ciscoios_xe
16.10.1s
ciscoios_xe
16.10.1c
ciscoios_xe
16.10.1e
ciscoios_xe
16.10.1d
ciscoios_xe
16.10.2
ciscoios_xe
16.10.1f
ciscoios_xe
16.10.1g
ciscoios_xe
16.10.3
ciscoios_xe
16.11.1
ciscoios_xe
16.11.1a
ciscoios_xe
16.11.1b
ciscoios_xe
16.11.2
ciscoios_xe
16.11.1s
ciscoios_xe
16.12.1
ciscoios_xe
16.12.1s
ciscoios_xe
16.12.1a
ciscoios_xe
16.12.1c
ciscoios_xe
16.12.1w
ciscoios_xe
16.12.2
ciscoios_xe
16.12.1y
ciscoios_xe
16.12.2a
ciscoios_xe
16.12.3
ciscoios_xe
16.12.8
ciscoios_xe
16.12.2s
ciscoios_xe
16.12.1x
ciscoios_xe
16.12.1t
ciscoios_xe
16.12.4
ciscoios_xe
16.12.3s
ciscoios_xe
16.12.3a
ciscoios_xe
16.12.4a
ciscoios_xe
16.12.5
ciscoios_xe
16.12.6
ciscoios_xe
16.12.1z1
ciscoios_xe
16.12.5a
ciscoios_xe
16.12.5b
ciscoios_xe
16.12.1z2
ciscoios_xe
16.12.6a
ciscoios_xe
16.12.7
ciscoios_xe
16.12.9
ciscoios_xe
16.12.10
ciscoios_xe
16.12.10a
ciscoios_xe
16.12.11
ciscoios_xe
16.12.12
ciscoios_xe
16.12.13
ciscoios_xe
16.12.14
ciscoios_xe
17.1.1
ciscoios_xe
17.1.1a
ciscoios_xe
17.1.1s
ciscoios_xe
17.1.1t
ciscoios_xe
17.1.3
ciscoios_xe
17.2.1
ciscoios_xe
17.2.1r
ciscoios_xe
17.2.1a
ciscoios_xe
17.2.1v
ciscoios_xe
17.2.2
ciscoios_xe
17.2.3
ciscoios_xe
17.3.1
ciscoios_xe
17.3.2
ciscoios_xe
17.3.3
ciscoios_xe
17.3.1a
ciscoios_xe
17.3.1w
ciscoios_xe
17.3.2a
ciscoios_xe
17.3.1x
ciscoios_xe
17.3.1z
ciscoios_xe
17.3.4
ciscoios_xe
17.3.5
ciscoios_xe
17.3.4a
ciscoios_xe
17.3.6
ciscoios_xe
17.3.4b
ciscoios_xe
17.3.4c
ciscoios_xe
17.3.5a
ciscoios_xe
17.3.5b
ciscoios_xe
17.3.7
ciscoios_xe
17.3.8
ciscoios_xe
17.3.8a
ciscoios_xe
17.4.1
ciscoios_xe
17.4.2
ciscoios_xe
17.4.1a
ciscoios_xe
17.4.1b
ciscoios_xe
17.4.2a
ciscoios_xe
17.5.1
ciscoios_xe
17.5.1a
ciscoios_xe
17.6.1
ciscoios_xe
17.6.2
ciscoios_xe
17.6.1w
ciscoios_xe
17.6.1a
ciscoios_xe
17.6.1x
ciscoios_xe
17.6.3
ciscoios_xe
17.6.1y
ciscoios_xe
17.6.1z
ciscoios_xe
17.6.3a
ciscoios_xe
17.6.4
ciscoios_xe
17.6.1z1
ciscoios_xe
17.6.5
ciscoios_xe
17.6.6
ciscoios_xe
17.6.6a
ciscoios_xe
17.6.5a
ciscoios_xe
17.6.7
ciscoios_xe
17.6.8
ciscoios_xe
17.6.8a
ciscoios_xe
17.7.1
ciscoios_xe
17.7.1a
ciscoios_xe
17.7.1b
ciscoios_xe
17.7.2
ciscoios_xe
17.10.1
ciscoios_xe
17.10.1a
ciscoios_xe
17.10.1b
ciscoios_xe
17.8.1
ciscoios_xe
17.8.1a
ciscoios_xe
17.9.1
ciscoios_xe
17.9.1w
ciscoios_xe
17.9.2
ciscoios_xe
17.9.1a
ciscoios_xe
17.9.1x
ciscoios_xe
17.9.1y
ciscoios_xe
17.9.3
ciscoios_xe
17.9.2a
ciscoios_xe
17.9.1x1
ciscoios_xe
17.9.3a
ciscoios_xe
17.9.4
ciscoios_xe
17.9.1y1
ciscoios_xe
17.9.5
ciscoios_xe
17.9.4a
ciscoios_xe
17.9.5a
ciscoios_xe
17.9.5b
ciscoios_xe
17.9.6
ciscoios_xe
17.9.6a
ciscoios_xe
17.9.7
ciscoios_xe
17.9.5e
ciscoios_xe
17.9.5f
ciscoios_xe
17.9.8
ciscoios_xe
17.9.7a
ciscoios_xe
17.9.7b
ciscoios_xe
17.11.1
ciscoios_xe
17.11.1a
ciscoios_xe
17.12.1
ciscoios_xe
17.12.1w
ciscoios_xe
17.12.1a
ciscoios_xe
17.12.1x
ciscoios_xe
17.12.2
ciscoios_xe
17.12.3
ciscoios_xe
17.12.2a
ciscoios_xe
17.12.1y
ciscoios_xe
17.12.1z
ciscoios_xe
17.12.4
ciscoios_xe
17.12.3a
ciscoios_xe
17.12.1z1
ciscoios_xe
17.12.1z2
ciscoios_xe
17.12.4a
ciscoios_xe
17.12.5
ciscoios_xe
17.12.4b
ciscoios_xe
17.12.1z3
ciscoios_xe
17.12.5a
ciscoios_xe
17.12.1z4
ciscoios_xe
17.12.6
ciscoios_xe
17.12.5b
ciscoios_xe
17.12.5c
ciscoios_xe
17.12.6a
ciscoios_xe
17.12.5d
ciscoios_xe
17.12.6b
ciscoios_xe
17.13.1
ciscoios_xe
17.13.1a
ciscoios_xe
17.14.1
ciscoios_xe
17.14.1a
ciscoios_xe
17.15.1
ciscoios_xe
17.15.1w
ciscoios_xe
17.15.1a
ciscoios_xe
17.15.2
ciscoios_xe
17.15.1b
ciscoios_xe
17.15.1x
ciscoios_xe
17.15.1z
ciscoios_xe
17.15.3
ciscoios_xe
17.15.2c
ciscoios_xe
17.15.2a
ciscoios_xe
17.15.1y
ciscoios_xe
17.15.2b
ciscoios_xe
17.15.3a
ciscoios_xe
17.15.4
ciscoios_xe
17.15.3b
ciscoios_xe
17.15.4d
ciscoios_xe
17.15.4e
ciscoios_xe
17.16.1
ciscoios_xe
17.16.1a
ciscoios_xe
17.17.1
ciscoios_xe
17.18.1
ciscoios_xe
17.18.1w
ciscoios_xe
17.18.1a
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-scp-dos-duAdXtCg