Vulnerability identifier: #VU15419

Vulnerability risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-0441

CWE-ID: CWE-20

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
Cisco IOS
Operating systems & Components / Operating system

Vendor: Cisco Systems, Inc

Description

The vulnerability allows an adjacent unauthenticated attacker to cause DoS condition on the target system.

The vulnerability exists in the 802.11r Fast Transition feature set due to a corruption of certain timer mechanisms triggered by specific roaming events. An adjacent attacker can send malicious reassociation events multiple times to the same AP in a short period of time and cause a DoS condition on the affected AP.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Cisco IOS: 15.3.3 JA12

---

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181017-ap-ft-dos

---

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.