Medium6.5Cisco Updated
Cisco IOS XE Software Denial of Service Vulnerability
cisco-sa-iosxe-mntc-dos-LZweQcyq Published Apr 2, 2026Updated by vendor Apr 2, 2026
CVE-2026-20110
Affected products & platforms
CiscoIOS XE
Summary
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability exists because incorrect privileges are associated with the start maintenance command.
Affected versions
- Scope: At the time of publication, this vulnerability affected Cisco IOS XE Software if it supported the start maintenance command.
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Mitigation checklist
Temporary workarounds
- There is a workaround that addresses this vulnerability. Set the privilege level of the start maintenance command manually by connecting to the device management CLI and using the privilege exec level 15 start maintenance configuration command, as shown in the following example:
- Router# configuration terminal
- Enter configuration commands, one per line. End with CNTL/Z.
- Router(config)# privilege exec level 15 start maintenance
- While this workaround has been deployed and was proven successful in a test environment, customers should determine the applicability and effectiveness in their own environment and under their own use conditions. Customers should be aware that any workaround or mitigation that is implemented may negatively impact the functionality or performance of their network based on intrinsic customer depl…
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.