CVE & CISA-KEV Catalog

CVE-2023-20112

HIGH
7.4
CVSS v3
NVD

Description

A vulnerability in Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of certain parameters within 802.11 frames. An attacker could exploit this vulnerability by sending a wireless 802.11 association request frame with crafted parameters to an affected device. A successful exploit could allow the attacker to cause an unexpected reload of an affected device, resulting in a DoS condition.

How to fix

Remediation Available
business 150ax firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
business 151axm firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9105ax firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9105axi firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9105axw firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9105i firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9105w firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9115 firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9115ax firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9115axe firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9115axi firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9117 firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9117ax firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9117axi firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9120 firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9120ax firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9120axe firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9120axi firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9120axp firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9124 firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9124ax firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9124axd firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9124axi firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9130 firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9130ax firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9130axe firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9130axi firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9136 firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9162 firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9164 firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD
catalyst 9166 firmwareNVD
Affected:< 10.3.2.0Fixed in:10.3.2.0CVE-2023-20112derived from NVD

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorAdjacent
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeChanged

Impact

ConfidentialityNone
IntegrityNone
AvailabilityHigh

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Exploit Intelligence

0.30%probability of exploitation in 30 days
22ndpercentile

Low risk: more likely to be exploited than 22% of all known CVEs.

References

Vendor Advisory1

Related Vulnerabilities

Other CWE-126 (Buffer Over-read) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2023-49285High8.689%-Fix
CVE-2017-7668High7.557%-Fix
CVE-2009-2495Medium6.542%--
CVE-2017-7679Critical9.839%-Fix
CVE-2025-21277High7.538%-Fix
CVE-2024-38071High7.536%-Fix
Embed a live status badge for CVE-2023-20112
CVE-2023-20112 severity badge

Markdown

[![CVE-2023-20112](https://tridentstack.com/cve/badge/CVE-2023-20112.svg)](https://tridentstack.com/cve/CVE-2023-20112)

HTML

<a href="https://tridentstack.com/cve/CVE-2023-20112"><img src="https://tridentstack.com/cve/badge/CVE-2023-20112.svg" alt="CVE-2023-20112"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2024-11-21.