Cisco Nexus Series Switches Intermediate System-to-Intermediate System Denial of Service Vulnerability (CVE-2025-20241)
CVE number = CVE-2025-20241
A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) feature of Cisco NX-OS Software for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload.
This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause the unexpected restart of the IS-IS process, which could cause the affected device to reload, resulting in a denial of service (DoS) condition.
Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2-adjacent to the affected device.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
This vulnerability affects the following Cisco products if they are running Cisco NX-OS Software, the IS-IS protocol is enabled, and the IS-IS protocol is enabled on at least one interface.
- Nexus 9000 Series Switches in standalone NX-OS mode
- Nexus 3000 Series Switches
This advisory is available at the following link:
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-n39k-isis-dos-JhJA8Rfx

I am one of the editors here at www.systemtek.co.uk I am a UK based technology professional, with an interest in computer security and telecoms.
