CVE-2026-20171 Cisco Nexus 3000 and 9000 Series Border Gateway Protocol Denial of Service Vulnerability

🗓️ 20 May 2026 16:06:38Reported by ciscoType

CVE-2026-20171 on Cisco Nexus 3000 and 9000: BGP enforce-first-as parsing flaw triggers DoS via crafted updates.

Reporter	Title	Published	Views	Family All 11
ATTACKERKB	CVE-2026-20171	20 May 202616:06	–	attackerkb
Circl	CVE-2026-20171	20 May 202618:47	–	circl
Cisco	Cisco Nexus 3000 and 9000 Series Switches Border Gateway Protocol Denial of Service Vulnerability	20 May 202616:00	–	cisco
Tenable Nessus	Cisco Nexus 3000 and 9000 Series Switches BGP DoS (cisco-sa-bgp-iefab-3hb2pwtx)	29 May 202600:00	–	nessus
CNNVD	Cisco NX-OS Software 安全漏洞	20 May 202600:00	–	cnnvd
CVE	CVE-2026-20171	20 May 202616:06	–	cve
EUVD	EUVD-2026-31135	20 May 202616:06	–	euvd
NVD	CVE-2026-20171	20 May 202617:16	–	nvd
Positive Technologies	PT-2026-42190	20 May 202600:00	–	ptsecurity
RedhatCVE	CVE-2026-20171	5 Jun 202619:29	–	redhatcve

[
  {
    "vendor": "Cisco",
    "product": "Cisco NX-OS Software",
    "versions": [
      {
        "version": "10.2(1)",
        "status": "affected"
      },
      {
        "version": "10.2(1q)",
        "status": "affected"
      },
      {
        "version": "10.2(2)",
        "status": "affected"
      },
      {
        "version": "10.2(3)",
        "status": "affected"
      },
      {
        "version": "10.2(3t)",
        "status": "affected"
      },
      {
        "version": "10.2(2a)",
        "status": "affected"
      },
      {
        "version": "10.3(1)",
        "status": "affected"
      },
      {
        "version": "10.2(4)",
        "status": "affected"
      },
      {
        "version": "10.3(2)",
        "status": "affected"
      },
      {
        "version": "10.3(3)",
        "status": "affected"
      },
      {
        "version": "10.2(5)",
        "status": "affected"
      },
      {
        "version": "10.2(3v)",
        "status": "affected"
      },
      {
        "version": "10.4(1)",
        "status": "affected"
      },
      {
        "version": "10.3(99w)",
        "status": "affected"
      },
      {
        "version": "10.2(6)",
        "status": "affected"
      },
      {
        "version": "10.3(3w)",
        "status": "affected"
      },
      {
        "version": "10.3(99x)",
        "status": "affected"
      },
      {
        "version": "10.3(3o)",
        "status": "affected"
      },
      {
        "version": "10.3(4)",
        "status": "affected"
      },
      {
        "version": "10.3(3p)",
        "status": "affected"
      },
      {
        "version": "10.3(4a)",
        "status": "affected"
      },
      {
        "version": "10.4(2)",
        "status": "affected"
      },
      {
        "version": "10.3(3q)",
        "status": "affected"
      },
      {
        "version": "10.3(5)",
        "status": "affected"
      },
      {
        "version": "10.2(7)",
        "status": "affected"
      },
      {
        "version": "10.4(3)",
        "status": "affected"
      },
      {
        "version": "10.3(3x)",
        "status": "affected"
      },
      {
        "version": "10.3(4g)",
        "status": "affected"
      },
      {
        "version": "10.5(1)",
        "status": "affected"
      },
      {
        "version": "10.2(8)",
        "status": "affected"
      },
      {
        "version": "10.3(3r)",
        "status": "affected"
      },
      {
        "version": "10.3(6)",
        "status": "affected"
      },
      {
        "version": "10.4(4)",
        "status": "affected"
      },
      {
        "version": "10.3(4h)",
        "status": "affected"
      },
      {
        "version": "10.5(2)",
        "status": "affected"
      },
      {
        "version": "10.3(7)",
        "status": "affected"
      },
      {
        "version": "10.4(5)",
        "status": "affected"
      },
      {
        "version": "10.5(3)",
        "status": "affected"
      },
      {
        "version": "10.2(9)",
        "status": "affected"
      },
      {
        "version": "10.4(4g)",
        "status": "affected"
      },
      {
        "version": "10.6(1)",
        "status": "affected"
      },
      {
        "version": "10.5(3t)",
        "status": "affected"
      },
      {
        "version": "10.3(8)",
        "status": "affected"
      },
      {
        "version": "10.4(6)",
        "status": "affected"
      },
      {
        "version": "10.5(3s)",
        "status": "affected"
      },
      {
        "version": "10.5(3e)",
        "status": "affected"
      },
      {
        "version": "10.5(3o)",
        "status": "affected"
      },
      {
        "version": "10.6(1s)",
        "status": "affected"
      },
      {
        "version": "10.5(3p)",
        "status": "affected"
      }
    ],
    "defaultStatus": "unknown"
  }
]

Source	Link
sec	www.sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bgp-iefab-3hb2pwtx

20 May 2026 16:06Current

CVSS 3.16.8

EPSS0.00039