CVE-2024-20314

HIGH
Published Mar 27, 2024 Modified Jul 30, 2025 CWE-783

Description

A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain IPv4 packets. An attacker could exploit this vulnerability by sending certain IPv4 packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition.

CVSS v3.1 Score

8.6
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Weakness Type (CWE)

CWE-783 CWE-783

Affected Products

Vendor Product
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe
cisco ios_xe

References

Frequently Asked Questions

What is CVE-2024-20314? +
A vulnerability in the IPv4 Software-Defined Access (SD-Access) fabric edge node feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause high CPU utilization and stop all traffic processing, resulting in a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain IPv4 packets. An attacker could exploit this vulnerability by sending certain IPv4 packets to an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition. It has a CVSS v3.1 base score of 8.6 (HIGH).
How severe is CVE-2024-20314? +
CVE-2024-20314 has a CVSS v3.1 score of 8.6 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.
What products are affected by CVE-2024-20314? +
CVE-2024-20314 affects products from cisco, specifically: ios_xe. Check the affected products table above for specific version ranges.
How do I check if I'm vulnerable to CVE-2024-20314? +
You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2025-27512

Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the `zincati` system user …
CVE-2024-20480 8.6

A vulnerability in the DHCP Snooping feature of Cisco IOS XE Software on Software-Defined Access (SD-Access) fabric edge nodes could …
CVE-2024-31335 7.8

In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This …
CVE-2024-34723 7.8

In onTransact of ParcelableListBinder.java , there is a possible way to steal mAllowlistToken to launch an app from background due …
CVE-2024-34726 7.8

In PVRSRV_MMap of pvr_bridge_k.c, there is a possible arbitrary code execution due to a logic error in the code. This …
CVE-2024-34720 7.8

In com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly of com_android_internal_os_ZygoteCommandBuffer.cpp, there is a possible method to perform arbitrary code execution in any app zygote processes due …

Don't wait for an exploit

Scan your website for vulnerabilities like CVE-2024-20314 — free, no signup required.

Start Free Scan