Cisco Aironet 1800, 2800, and 3800 Series Access Point Platforms ARP Request Handling Denial of Service Vulnerability

A vulnerability exists in Cisco Access Point (AP) platforms when processing Address Resolution Protocol (ARP) packets that could allow an unauthenticated, adjacent attacker to inject crafted entries into the ARP table and eventually cause a reload of the affected device.

The vulnerability is due to improper processing of illegal ARP packets. An attacker could exploit this vulnerability by sending crafted ARP packets to be processed by an affected device. An exploit could allow the attacker to inject crafted entries in the ARP table and eventually cause a reload of the device.

Cisco has released software updates that address this vulnerability. Workarounds that address this vulnerability are not available.

This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet [“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160608-aironet”]