CVE-2022-20624 | Cisco NX-OS Software Cisco Fabric Services Over IP Denial of Service Vulnerability
A vulnerability in the Cisco Fabric Services over IP (CFSoIP) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of incoming CFSoIP packets. An attacker could exploit this vulnerability by sending crafted CFSoIP packets to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
Conclusion & alert: CVE-2022-20624 is rated High Risk (68.2/100): CVSS High severity, with high exploitation likelihood (EPSS 12.40%, 96th percentile). Core evidence: EPSS ranks this CVE among the most likely to be exploited in the near term. Mandatory action: High exploitation likelihood; assess exposure and prioritize remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Exploit prediction scoring system (EPSS) score for CVE-2022-20624
EPSS lead: The daily EPSS score estimates the relative likelihood of exploitation; the percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).