
Cisco Nexus 3000 9000 Series Switches Protocol Independent Multicast Version 6 DoS (cisco-sa-nxospc-pim6-vG4jFPh)

05 Nov 2025 00:00:00 | Reported by Tenable | Type: nessus | www.tenable.com

A PIM6 vulnerability in Cisco Nexus NX-OS lets an authenticated, low-privileged remote attacker crash the PIM6 process with a crafted ephemeral query, causing a DoS.

#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(272740);
  script_version("1.1");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/11/05");

  script_cve_id("CVE-2025-20262");
  script_xref(name:"CISCO-BUG-ID", value:"CSCwn69044");
  script_xref(name:"CISCO-SA", value:"cisco-sa-nxospc-pim6-vG4jFPh");
  script_xref(name:"IAVA", value:"2025-A-0701");

  script_name(english:"Cisco Nexus 3000 9000 Series Switches Protocol Independent Multicast Version 6 DoS (cisco-sa-nxospc-pim6-vG4jFPh)");

  script_set_attribute(attribute:"synopsis", value:
"The remote device is missing a vendor-supplied security patch");
  script_set_attribute(attribute:"description", value:
"According to its self-reported version, Cisco NX-OS Software is affected by a vulnerability.

  - A vulnerability in the Protocol Independent Multicast Version 6 (PIM6) feature of Cisco Nexus 3000 Series
    Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, low-
    privileged, remote attacker to trigger a crash of the PIM6 process, resulting in a denial of service (DoS)
    condition. This vulnerability is due to improper processing of PIM6 ephemeral data queries. An attacker
    could exploit this vulnerability by sending a crafted ephemeral query to an affected device through one of
    the following methods: NX-API REST, NETCONF, RESTConf, gRPC, or Model Driven Telemetry. A successful
    exploit could allow the attacker to cause the PIM6 process to crash and restart, causing potential
    adjacency flaps and resulting in a DoS of the PIM6 and ephemeral query processes. (CVE-2025-20262)

Please see the included Cisco BIDs and Cisco Security Advisory for more information.");
  # https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxospc-pim6-vG4jFPh
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?2c198619");
  script_set_attribute(attribute:"see_also", value:"https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwn69044");
  script_set_attribute(attribute:"solution", value:
"Upgrade to the relevant fixed version referenced in Cisco bug ID CSCwn69044");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2025-20262");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(476);

  script_set_attribute(attribute:"vuln_publication_date", value:"2025/08/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2025/08/27");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/11/05");

  script_set_attribute(attribute:"plugin_type", value:"combined");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:cisco:nx-os");
  script_set_attribute(attribute:"stig_severity", value:"I");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"CISCO");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("cisco_nxos_version.nasl");
  script_require_keys("Host/Cisco/NX-OS/Version", "Host/Cisco/NX-OS/Model", "Host/Cisco/NX-OS/Device");

  exit(0);
}

include('cisco_workarounds.inc');
include('ccf.inc');


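# Product details (device, model, version) come from the KB keys required above.
var product_info = cisco::get_product_info(name:'Cisco NX-OS Software');

# Only Nexus 3000 and Nexus 9000 Series models are in scope; audit out anything else.
if (('Nexus' >!< product_info.device || product_info.model !~ "(^|[^0-9])3[0-9]{2,3}") &&
    ('Nexus' >!< product_info.device || product_info.model !~ "(^|[^0-9])9[0-9]{2,3}"))
  audit(AUDIT_HOST_NOT, 'affected');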

var version_list = [];

if ('Nexus' >< product_info.device && product_info.model =~ "^3[0-9]{2,3}")
{
  version_list = make_list(
    '9.2(1)',
    '9.2(2)',
    '9.2(2t)',
    '9.2(3)',
    '9.2(3y)',
    '9.2(4)',
    '9.2(2v)',
    '9.3(1)',
    '9.3(2)',
    '9.3(3)',
    '9.3(4)',
    '9.3(5)',
    '9.3(6)',
    '9.3(7)',
    '9.3(7k)',
    '9.3(7a)',
    '9.3(8)',
    '9.3(9)',
    '9.3(10)',
    '9.3(11)',
    '9.3(12)',
    '9.3(13)',
    '9.3(14)',
    '10.1(1)',
    '10.1(2)',
    '10.1(2t)',
    '10.2(1)',
    '10.2(2)',
    '10.2(3)',
    '10.2(3t)',
    '10.2(4)',
    '10.2(5)',
    '10.2(3v)',
    '10.2(6)',
    '10.2(7)',
    '10.2(8)',
    '10.3(1)',
    '10.3(2)',
    '10.3(3)',
    '10.3(4a)',
    '10.3(4)',
    '10.3(5)',
    '10.3(6)',
    '10.4(1)',
    '10.4(2)',
    '10.4(3)',
    '10.4(4)',
    '10.5(1)',
    '10.5(2)'
  );
}

if ('Nexus' >< product_info.device && product_info.model =~ "^9[0-9]{2,3}")
{
  version_list = make_list(
    '9.2(1)',
    '9.2(2)',
    '9.2(3)',
    '9.2(3y)',
    '9.2(4)',
    '9.3(1)',
    '9.3(2)',
    '9.3(3)',
    '9.3(1z)',
    '9.3(4)',
    '9.3(5)',
    '9.3(6)',
    '9.3(5w)',
    '9.3(7)',
    '9.3(7k)',
    '9.3(7a)',
    '9.3(8)',
    '9.3(9)',
    '9.3(10)',
    '9.3(11)',
    '9.3(12)',
    '9.3(13)',
    '9.3(14)',
    '10.1(1)',
    '10.1(2)',
    '10.2(1)',
    '10.2(1q)',
    '10.2(2)',
    '10.2(3)',
    '10.2(2a)',
    '10.2(4)',
    '10.2(5)',
    '10.2(6)',
    '10.2(7)',
    '10.2(8)',
    '10.3(1)',
    '10.3(2)',
    '10.3(3)',
    '10.3(99w)',
    '10.3(3w)',
    '10.3(99x)',
    '10.3(3o)',
    '10.3(4a)',
    '10.3(3p)',
    '10.3(4)',
    '10.3(3q)',
    '10.3(3x)',
    '10.3(5)',
    '10.3(4g)',
    '10.3(3r)',
    '10.3(6)',
    '10.3(4h)',
    '10.4(1)',
    '10.4(2)',
    '10.4(3)',
    '10.4(4)',
    '10.4(4g)',
    '10.5(1)',
    '10.5(2)'
  );
}

var workarounds = make_list(
  CISCO_WORKAROUNDS['generic_workaround']
);

var workaround_params = [
  WORKAROUND_CONFIG['feature_pim6_enable'],
  WORKAROUND_CONFIG['feature_list_enable'],
  {'require_all_generic_workarounds': TRUE}
];

var reporting = make_array(
  'port'    , product_info['port'],
  'severity', SECURITY_WARNING,
  'version' , product_info['version'],
  'bug_id'  , 'CSCwn69044',
  'cmds'    , make_list('show feature')
);


cisco::check_and_report(
  product_info:product_info,
  workarounds:workarounds,
  workaround_params:workaround_params,
  reporting:reporting,
  vuln_versions:version_list
);
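
The plugin reports `show feature` as its evidence command and gates the finding on PIM6 plus the query interfaces named in the description. The following offline triage helper is an added example, not Tenable's plugin code: it parses saved `show feature` output and flags a switch when PIM6 and at least one of those interfaces are enabled. The feature names (`pim6`, `nxapi`, `netconf`, `restconf`, `grpc`, `telemetry`), the reading of the workaround condition, and the sample output are assumptions constructed for illustration.

```python
import re

# Assumed `show feature` names (not taken from the plugin): the PIM6 feature
# plus the five query interfaces listed in the advisory description.
PIM6 = "pim6"
QUERY_TRANSPORTS = {"nxapi", "netconf", "restconf", "grpc", "telemetry"}

# A data row is: <feature> <instance number> <state>
ROW = re.compile(r"^(\S+)\s+(\d+)\s+(\S+)\s*$")

def enabled_features(show_feature_output):
    """Return the set of feature names with at least one enabled instance."""
    enabled = set()
    for line in show_feature_output.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # header, separator or blank line
        name, _instance, state = m.groups()
        # "enabled(not-running)" still counts: the feature is configured.
        if state.lower().startswith("enabled"):
            enabled.add(name.lower())
    return enabled

def pim6_query_exposure(show_feature_output):
    """Return (exposed, transports); exposed needs PIM6 and >= 1 transport."""
    feats = enabled_features(show_feature_output)
    transports = sorted(feats & QUERY_TRANSPORTS)
    return (PIM6 in feats and bool(transports)), transports

# Constructed sample output, not captured from a real device.
SAMPLE_EXPOSED = """\
Feature Name          Instance  State
--------------------  --------  --------
bgp                   1         enabled
grpc                  1         disabled
netconf               1         enabled
nxapi                 1         enabled
ospf                  1         enabled(not-running)
pim                   1         enabled
pim6                  1         enabled
restconf              1         disabled
telemetry             1         disabled
"""
# Same device with PIM6 switched off.
SAMPLE_NO_PIM6 = re.sub(r"(?m)^(pim6\s+\d+\s+)enabled", r"\1disabled", SAMPLE_EXPOSED)

if __name__ == "__main__":
    for label, text in (("exposed", SAMPLE_EXPOSED), ("no-pim6", SAMPLE_NO_PIM6)):
        print(label, pim6_query_exposure(text))
```

A positive result only covers the feature condition; the running NX-OS release still has to be matched against the version lists in the plugin.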
