Cisco Fixes Critical Command Injection and DoS Flaws in Nexus Switches
Cisco has issued security updates to address critical command injection and denial-of-service (DoS) vulnerabilities in certain models of its Nexus switches. The company's Product Security Incident Response Team (PSIRT) identified two high-severity flaws, which could allow unauthenticated attackers to cause devices to reload unexpectedly, resulting in a denial of service condition.
The most severe issue, tracked as CVE-2025-20111 (CVSS Score of 7.4), resides in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode. An unauthenticated, adjacent attacker could exploit this vulnerability by sending a sustained rate of crafted Ethernet frames to an affected device, causing it to reload unexpectedly.
"A vulnerability in the health monitoring diagnostics of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the device to reload unexpectedly, resulting in a denial of service (DoS) condition," reads the advisory published by Cisco. "This vulnerability is due to the incorrect handling of specific Ethernet frames."
The second flaw, tracked as CVE-2025-20161 (CVSS Score of 5.1), addresses a command injection issue that impacts Cisco Nexus 3000 and 9000 Series Switches. An authenticated, local attacker with valid Administrator credentials could execute a command injection attack on the underlying operating system of an affected device.
"A vulnerability in the software upgrade process of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker with valid Administrator credentials to execute a command injection attack on the underlying operating system of an affected device," reads the advisory.
The PSIRT is not aware of any attacks exploiting these vulnerabilities at this time. However, it is essential for network administrators to apply the security updates as soon as possible to prevent potential exploitation.
Affected Products
The following products are impacted by these vulnerabilities if they are running a vulnerable release of Cisco NX-OS Software:
- Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode.
- Cisco Nexus 3000 and 9000 Series Switches.
Network administrators should prioritize applying the security updates to prevent potential exploitation of these vulnerabilities.