CVE-2026-20110

EUVD-2026-15440
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device.

 This vulnerability exists because incorrect privileges are associated with the start maintenance command. An attacker could exploit this vulnerability by accessing the management CLI of the affected device as a low-privileged user and using the start maintenance command. A successful exploit could allow the attacker to put the device in maintenance mode, which shuts down interfaces, resulting in a denial of service (DoS) condition. In case of exploitation, a device administrator can connect to the CLI and use the stop maintenance command to restore operations.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
ciscoCNA
6.5 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
ciscoios_xe
16.6.1
ciscoios_xe
16.6.2
ciscoios_xe
16.6.3
ciscoios_xe
16.6.4
ciscoios_xe
16.6.5
ciscoios_xe
16.6.4a
ciscoios_xe
16.6.5a
ciscoios_xe
16.6.6
ciscoios_xe
16.6.7
ciscoios_xe
16.6.8
ciscoios_xe
16.6.9
ciscoios_xe
16.6.10
ciscoios_xe
16.7.1
ciscoios_xe
16.7.1a
ciscoios_xe
16.7.1b
ciscoios_xe
16.7.2
ciscoios_xe
16.7.3
ciscoios_xe
16.7.4
ciscoios_xe
16.8.1
ciscoios_xe
16.8.1a
ciscoios_xe
16.8.1b
ciscoios_xe
16.8.1s
ciscoios_xe
16.8.1c
ciscoios_xe
16.8.1d
ciscoios_xe
16.8.2
ciscoios_xe
16.8.1e
ciscoios_xe
16.8.3
ciscoios_xe
16.9.1
ciscoios_xe
16.9.2
ciscoios_xe
16.9.1a
ciscoios_xe
16.9.1b
ciscoios_xe
16.9.1s
ciscoios_xe
16.9.3
ciscoios_xe
16.9.4
ciscoios_xe
16.9.3a
ciscoios_xe
16.9.5
ciscoios_xe
16.9.5f
ciscoios_xe
16.9.6
ciscoios_xe
16.9.7
ciscoios_xe
16.9.8
ciscoios_xe
16.10.1
ciscoios_xe
16.10.1a
ciscoios_xe
16.10.1b
ciscoios_xe
16.10.1s
ciscoios_xe
16.10.1c
ciscoios_xe
16.10.1e
ciscoios_xe
16.10.1d
ciscoios_xe
16.10.2
ciscoios_xe
16.10.1f
ciscoios_xe
16.10.1g
ciscoios_xe
16.10.3
ciscoios_xe
16.11.1
ciscoios_xe
16.11.1a
ciscoios_xe
16.11.1b
ciscoios_xe
16.11.2
ciscoios_xe
16.11.1s
ciscoios_xe
16.12.1
ciscoios_xe
16.12.1s
ciscoios_xe
16.12.1a
ciscoios_xe
16.12.1c
ciscoios_xe
16.12.1w
ciscoios_xe
16.12.2
ciscoios_xe
16.12.1y
ciscoios_xe
16.12.2a
ciscoios_xe
16.12.3
ciscoios_xe
16.12.8
ciscoios_xe
16.12.2s
ciscoios_xe
16.12.1x
ciscoios_xe
16.12.1t
ciscoios_xe
16.12.4
ciscoios_xe
16.12.3s
ciscoios_xe
16.12.3a
ciscoios_xe
16.12.4a
ciscoios_xe
16.12.5
ciscoios_xe
16.12.6
ciscoios_xe
16.12.1z1
ciscoios_xe
16.12.5a
ciscoios_xe
16.12.5b
ciscoios_xe
16.12.1z2
ciscoios_xe
16.12.6a
ciscoios_xe
16.12.7
ciscoios_xe
16.12.9
ciscoios_xe
16.12.10
ciscoios_xe
16.12.10a
ciscoios_xe
16.12.11
ciscoios_xe
16.12.12
ciscoios_xe
16.12.13
ciscoios_xe
16.12.14
ciscoios_xe
17.1.1
ciscoios_xe
17.1.1a
ciscoios_xe
17.1.1s
ciscoios_xe
17.1.1t
ciscoios_xe
17.1.3
ciscoios_xe
17.2.1
ciscoios_xe
17.2.1r
ciscoios_xe
17.2.1a
ciscoios_xe
17.2.1v
ciscoios_xe
17.2.2
ciscoios_xe
17.2.3
ciscoios_xe
17.3.1
ciscoios_xe
17.3.2
ciscoios_xe
17.3.3
ciscoios_xe
17.3.1a
ciscoios_xe
17.3.1w
ciscoios_xe
17.3.2a
ciscoios_xe
17.3.1x
ciscoios_xe
17.3.1z
ciscoios_xe
17.3.4
ciscoios_xe
17.3.5
ciscoios_xe
17.3.4a
ciscoios_xe
17.3.6
ciscoios_xe
17.3.4b
ciscoios_xe
17.3.4c
ciscoios_xe
17.3.5a
ciscoios_xe
17.3.5b
ciscoios_xe
17.3.7
ciscoios_xe
17.3.8
ciscoios_xe
17.3.8a
ciscoios_xe
17.4.1
ciscoios_xe
17.4.2
ciscoios_xe
17.4.1a
ciscoios_xe
17.4.1b
ciscoios_xe
17.4.2a
ciscoios_xe
17.5.1
ciscoios_xe
17.5.1a
ciscoios_xe
17.6.1
ciscoios_xe
17.6.2
ciscoios_xe
17.6.1w
ciscoios_xe
17.6.1a
ciscoios_xe
17.6.1x
ciscoios_xe
17.6.3
ciscoios_xe
17.6.1y
ciscoios_xe
17.6.1z
ciscoios_xe
17.6.3a
ciscoios_xe
17.6.4
ciscoios_xe
17.6.1z1
ciscoios_xe
17.6.5
ciscoios_xe
17.6.6
ciscoios_xe
17.6.6a
ciscoios_xe
17.6.5a
ciscoios_xe
17.6.7
ciscoios_xe
17.6.8
ciscoios_xe
17.6.8a
ciscoios_xe
17.7.1
ciscoios_xe
17.7.1a
ciscoios_xe
17.7.1b
ciscoios_xe
17.7.2
ciscoios_xe
17.10.1
ciscoios_xe
17.10.1a
ciscoios_xe
17.10.1b
ciscoios_xe
17.8.1
ciscoios_xe
17.8.1a
ciscoios_xe
17.9.1
ciscoios_xe
17.9.1w
ciscoios_xe
17.9.2
ciscoios_xe
17.9.1a
ciscoios_xe
17.9.1x
ciscoios_xe
17.9.1y
ciscoios_xe
17.9.3
ciscoios_xe
17.9.2a
ciscoios_xe
17.9.1x1
ciscoios_xe
17.9.3a
ciscoios_xe
17.9.4
ciscoios_xe
17.9.1y1
ciscoios_xe
17.9.5
ciscoios_xe
17.9.4a
ciscoios_xe
17.9.5a
ciscoios_xe
17.9.5b
ciscoios_xe
17.9.6
ciscoios_xe
17.9.6a
ciscoios_xe
17.9.7
ciscoios_xe
17.9.5e
ciscoios_xe
17.9.5f
ciscoios_xe
17.9.8
ciscoios_xe
17.9.7a
ciscoios_xe
17.9.7b
ciscoios_xe
17.11.1
ciscoios_xe
17.11.1a
ciscoios_xe
17.12.1
ciscoios_xe
17.12.1w
ciscoios_xe
17.12.1a
ciscoios_xe
17.12.1x
ciscoios_xe
17.12.2
ciscoios_xe
17.12.3
ciscoios_xe
17.12.2a
ciscoios_xe
17.12.1y
ciscoios_xe
17.12.1z
ciscoios_xe
17.12.4
ciscoios_xe
17.12.3a
ciscoios_xe
17.12.1z1
ciscoios_xe
17.12.1z2
ciscoios_xe
17.12.4a
ciscoios_xe
17.12.5
ciscoios_xe
17.12.4b
ciscoios_xe
17.12.1z3
ciscoios_xe
17.12.5a
ciscoios_xe
17.12.1z4
ciscoios_xe
17.12.6
ciscoios_xe
17.12.5b
ciscoios_xe
17.12.5c
ciscoios_xe
17.12.6a
ciscoios_xe
17.12.5d
ciscoios_xe
17.12.6b
ciscoios_xe
17.13.1
ciscoios_xe
17.13.1a
ciscoios_xe
17.14.1
ciscoios_xe
17.14.1a
ciscoios_xe
17.15.1
ciscoios_xe
17.15.1w
ciscoios_xe
17.15.1a
ciscoios_xe
17.15.2
ciscoios_xe
17.15.1b
ciscoios_xe
17.15.1x
ciscoios_xe
17.15.1z
ciscoios_xe
17.15.3
ciscoios_xe
17.15.2c
ciscoios_xe
17.15.2a
ciscoios_xe
17.15.1y
ciscoios_xe
17.15.2b
ciscoios_xe
17.15.3a
ciscoios_xe
17.15.4
ciscoios_xe
17.15.3b
ciscoios_xe
17.15.4d
ciscoios_xe
17.15.4e
ciscoios_xe
17.16.1
ciscoios_xe
17.16.1a
ciscoios_xe
17.17.1
ciscoios_xe
17.18.1
ciscoios_xe
17.18.1w
ciscoios_xe
17.18.1a
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-iosxe-mntc-dos-LZweQcyq