Cisco Cisco Aironet Access Point Software (Ios Xe Controller)
11 CVEs affecting Cisco Cisco Aironet Access Point Software (Ios Xe Controller). Latest disclosed: 2025-09-24. Critical: 1, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-20418 | Critical | 10.0 | 2024-11-06 | A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless Software for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Po… |
CVE-2024-20271 | High | 8.6 | 2024-03-27 | A vulnerability in the IP packet processing of Cisco Access Point (AP) Software could allow an unauthenticated, remote attacker to cause a denial of service (D… |
CVE-2022-20945 | High | 7.4 | 2022-09-30 | A vulnerability in the 802.11 association frame validation of Cisco Catalyst 9100 Series Access Points (APs) could allow an unauthenticated, adjacent attacker… |
CVE-2021-1439 | High | 7.4 | 2021-03-24 | A vulnerability in the multicast DNS (mDNS) gateway feature of Cisco Aironet Series Access Points Software could allow an unauthenticated, adjacent attacker to… |
CVE-2024-20265 | Medium | 5.9 | 2024-03-27 | A vulnerability in the boot process of Cisco Access Point (AP) Software could allow an unauthenticated, physical attacker to bypass the Cisco Secure Boot funct… |
CVE-2023-20176 | Medium | 5.8 | 2023-09-27 | A vulnerability in the networking component of Cisco access point (AP) software could allow an unauthenticated, remote attacker to cause a temporary disruption… |
CVE-2024-20354 | Medium | 4.7 | 2024-03-27 | A vulnerability in the handling of encrypted wireless frames of Cisco Aironet Access Point (AP) Software could allow an unauthenticated, adjacent attacker to c… |
CVE-2023-20268 | Medium | 4.7 | 2023-09-27 | A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resourc… |
CVE-2022-20728 | Medium | 4.7 | 2022-09-30 | A vulnerability in the client forwarding code of multiple Cisco Access Points (APs) could allow an unauthenticated, adjacent attacker to inject packets from th… |
CVE-2025-20365 | Medium | 4.3 | 2025-09-24 | A vulnerability in the IPv6 Router Advertisement (RA) packet processing of Cisco Access Point Software could allow an unauthenticated, adjacent attacker to mod… |
CVE-2025-20364 | Medium | 4.3 | 2025-09-24 | A vulnerability in the Device Analytics action frame processing of Cisco Wireless Access Point (AP) Software could allow an unauthenticated, adjacent attacker… |