Cisco Aironet EAP Debugging Denial of Service Vulnerability

A vulnerability in the debugging features of Cisco IOS running on Cisco Aironet access points could allow an unauthenticated, adjacent attacker to create a denial of service condition.

The vulnerability is due to a failure to properly process a certain debugging message that may occur when the debug dot11 aaa authenticator all command is enabled and a crafted EAP packet is received. An attacker could exploit this vulnerability by sending a packet crafted to trigger the issue while a network administrator is actively debugging the device.

This vulnerability was reported to Cisco by Maxim Salomon and Timo Warns of Airbus Operations GmbH.

Cisco has confirmed the vulnerability in a security notice and released software updates.

To exploit this vulnerability, an attacker must be on the same collision or broadcast domain as the targeted device. This access requirement may reduce the possibility of successful exploit attempts.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.