CVE-2022-20824 | Cisco FXOS and NX-OS Software Cisco Discovery Protocol Denial of Service and Arbitrary Code Execution Vulnerability

A vulnerability in the Cisco Discovery Protocol feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation of specific values that are within a Cisco Discovery Protocol message. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or cause the Cisco Discovery Protocol process to crash and restart multiple times, which would cause the affected device to reload, resulting in a DoS condition. Note: Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent).

Published: 2022-08-25 Last update: 2026-06-17 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2022-20824 is rated Moderate Risk (45.4/100): CVSS High severity, with low exploitation likelihood (EPSS 0.37%). Mandatory action: Review affected assets and schedule remediation.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Exploit prediction scoring system (EPSS) score for CVE-2022-20824

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 0.14% 0.37% +0.23%
2 2025-11-07 0.27% 0.14% -0.13%
3 2025-10-15 0.27%

Full EPSS history (7 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2022-20824

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
8.8 3.1 HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Click to expand
Attack vector (AV:A)
Attacker has to be nearby on the network—same office, same link, that vibe—not the whole wide internet.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:H)
They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
2.8 5.9 [email protected]
8.8 3.1 HIGH
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Click to expand
Attack vector (AV:A)
Attacker has to be nearby on the network—same office, same link, that vibe—not the whole wide internet.
Attack complexity (AC:L)
Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:N)
No account or special rights needed—anonymous or random user is enough.
User interaction (UI:N)
Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U)
Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H)
Serious risk that confidential data gets exposed in a big way.
Integrity (I:H)
They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H)
Could take the service down hard or make it unusable for people who depend on it.
2.8 5.9 [email protected]

Weakness enumeration for CVE-2022-20824

Affected software / configurations for CVE-2022-20824

Vendor Product Version Raw CPE
cisco mds_9506_firmware cpe:2.3:o:cisco:mds_9506_firmware:-:*:*:*:*:*:*:*
cisco mds_9513_firmware cpe:2.3:o:cisco:mds_9513_firmware:-:*:*:*:*:*:*:*
cisco mds_9706_firmware cpe:2.3:o:cisco:mds_9706_firmware:-:*:*:*:*:*:*:*
cisco mds_9710_firmware cpe:2.3:o:cisco:mds_9710_firmware:-:*:*:*:*:*:*:*
cisco mds_9718_firmware cpe:2.3:o:cisco:mds_9718_firmware:-:*:*:*:*:*:*:*
cisco nexus_1000v_firmware cpe:2.3:o:cisco:nexus_1000v_firmware:-:*:*:*:*:vmware_vsphere:*:*
cisco nexus_3016_firmware cpe:2.3:o:cisco:nexus_3016_firmware:-:*:*:*:*:*:*:*
cisco nexus_3016q_firmware cpe:2.3:o:cisco:nexus_3016q_firmware:-:*:*:*:*:*:*:*
cisco nexus_3048_firmware cpe:2.3:o:cisco:nexus_3048_firmware:-:*:*:*:*:*:*:*
cisco nexus_3064_firmware cpe:2.3:o:cisco:nexus_3064_firmware:-:*:*:*:*:*:*:*
cisco nexus_3064-32t_firmware cpe:2.3:o:cisco:nexus_3064-32t_firmware:-:*:*:*:*:*:*:*
cisco nexus_3064-t_firmware cpe:2.3:o:cisco:nexus_3064-t_firmware:-:*:*:*:*:*:*:*
cisco nexus_3064-x_firmware cpe:2.3:o:cisco:nexus_3064-x_firmware:-:*:*:*:*:*:*:*
cisco nexus_3064t_firmware cpe:2.3:o:cisco:nexus_3064t_firmware:-:*:*:*:*:*:*:*
cisco nexus_3064x_firmware cpe:2.3:o:cisco:nexus_3064x_firmware:-:*:*:*:*:*:*:*
cisco nexus_3100_firmware cpe:2.3:o:cisco:nexus_3100_firmware:-:*:*:*:*:*:*:*
cisco nexus_3100-v_firmware cpe:2.3:o:cisco:nexus_3100-v_firmware:-:*:*:*:*:*:*:*
cisco nexus_3100-z_firmware cpe:2.3:o:cisco:nexus_3100-z_firmware:-:*:*:*:*:*:*:*
cisco nexus_3100v_firmware cpe:2.3:o:cisco:nexus_3100v_firmware:-:*:*:*:*:*:*:*
cisco nexus_31108pc-v_firmware cpe:2.3:o:cisco:nexus_31108pc-v_firmware:-:*:*:*:*:*:*:*
cisco nexus_31108pv-v_firmware cpe:2.3:o:cisco:nexus_31108pv-v_firmware:-:*:*:*:*:*:*:*
cisco nexus_31108tc-v_firmware cpe:2.3:o:cisco:nexus_31108tc-v_firmware:-:*:*:*:*:*:*:*
cisco nexus_31128pq_firmware cpe:2.3:o:cisco:nexus_31128pq_firmware:-:*:*:*:*:*:*:*
cisco nexus_3132c-z_firmware cpe:2.3:o:cisco:nexus_3132c-z_firmware:-:*:*:*:*:*:*:*
cisco nexus_3132q_firmware cpe:2.3:o:cisco:nexus_3132q_firmware:-:*:*:*:*:*:*:*
cisco nexus_3132q-v_firmware cpe:2.3:o:cisco:nexus_3132q-v_firmware:-:*:*:*:*:*:*:*
cisco nexus_3132q-x_firmware cpe:2.3:o:cisco:nexus_3132q-x_firmware:-:*:*:*:*:*:*:*
cisco nexus_3132q-x\/3132q-xl_firmware cpe:2.3:o:cisco:nexus_3132q-x\/3132q-xl_firmware:-:*:*:*:*:*:*:*
cisco nexus_3132q-xl_firmware cpe:2.3:o:cisco:nexus_3132q-xl_firmware:-:*:*:*:*:*:*:*
cisco nexus_3164q_firmware cpe:2.3:o:cisco:nexus_3164q_firmware:-:*:*:*:*:*:*:*
cisco nexus_3172_firmware cpe:2.3:o:cisco:nexus_3172_firmware:-:*:*:*:*:*:*:*
cisco nexus_3172pq_firmware cpe:2.3:o:cisco:nexus_3172pq_firmware:-:*:*:*:*:*:*:*
cisco nexus_3172pq-xl_firmware cpe:2.3:o:cisco:nexus_3172pq-xl_firmware:-:*:*:*:*:*:*:*
cisco nexus_3172pq\/pq-xl_firmware cpe:2.3:o:cisco:nexus_3172pq\/pq-xl_firmware:-:*:*:*:*:*:*:*
cisco nexus_3172tq_firmware cpe:2.3:o:cisco:nexus_3172tq_firmware:-:*:*:*:*:*:*:*
cisco nexus_3172tq-32t_firmware cpe:2.3:o:cisco:nexus_3172tq-32t_firmware:-:*:*:*:*:*:*:*
cisco nexus_3172tq-xl_firmware cpe:2.3:o:cisco:nexus_3172tq-xl_firmware:-:*:*:*:*:*:*:*
cisco nexus_3200_firmware cpe:2.3:o:cisco:nexus_3200_firmware:-:*:*:*:*:*:*:*
cisco nexus_3232c_firmware cpe:2.3:o:cisco:nexus_3232c_firmware:-:*:*:*:*:*:*:*
cisco nexus_3232c__firmware cpe:2.3:o:cisco:nexus_3232c__firmware:-:*:*:*:*:*:*:*
cisco nexus_3264c-e_firmware cpe:2.3:o:cisco:nexus_3264c-e_firmware:-:*:*:*:*:*:*:*
cisco nexus_3264q_firmware cpe:2.3:o:cisco:nexus_3264q_firmware:-:*:*:*:*:*:*:*
cisco nexus_3400_firmware cpe:2.3:o:cisco:nexus_3400_firmware:-:*:*:*:*:*:*:*
cisco nexus_3408-s_firmware cpe:2.3:o:cisco:nexus_3408-s_firmware:-:*:*:*:*:*:*:*
cisco nexus_34180yc_firmware cpe:2.3:o:cisco:nexus_34180yc_firmware:-:*:*:*:*:*:*:*
cisco nexus_34200yc-sm_firmware cpe:2.3:o:cisco:nexus_34200yc-sm_firmware:-:*:*:*:*:*:*:*
cisco nexus_3432d-s_firmware cpe:2.3:o:cisco:nexus_3432d-s_firmware:-:*:*:*:*:*:*:*
cisco nexus_3464c_firmware cpe:2.3:o:cisco:nexus_3464c_firmware:-:*:*:*:*:*:*:*
cisco nexus_3524_firmware cpe:2.3:o:cisco:nexus_3524_firmware:-:*:*:*:*:*:*:*
cisco nexus_3524-x_firmware cpe:2.3:o:cisco:nexus_3524-x_firmware:-:*:*:*:*:*:*:*
cisco nexus_3524-x\/xl_firmware cpe:2.3:o:cisco:nexus_3524-x\/xl_firmware:-:*:*:*:*:*:*:*
cisco nexus_3524-xl_firmware cpe:2.3:o:cisco:nexus_3524-xl_firmware:-:*:*:*:*:*:*:*
cisco nexus_3548_firmware cpe:2.3:o:cisco:nexus_3548_firmware:-:*:*:*:*:*:*:*
cisco nexus_3548-x_firmware cpe:2.3:o:cisco:nexus_3548-x_firmware:-:*:*:*:*:*:*:*
cisco nexus_3548-x\/xl_firmware cpe:2.3:o:cisco:nexus_3548-x\/xl_firmware:-:*:*:*:*:*:*:*
cisco nexus_3548-xl_firmware cpe:2.3:o:cisco:nexus_3548-xl_firmware:-:*:*:*:*:*:*:*
cisco nexus_36180yc-r_firmware cpe:2.3:o:cisco:nexus_36180yc-r_firmware:-:*:*:*:*:*:*:*
cisco nexus_3636c-r_firmware cpe:2.3:o:cisco:nexus_3636c-r_firmware:-:*:*:*:*:*:*:*
cisco nexus_5548p_firmware cpe:2.3:o:cisco:nexus_5548p_firmware:-:*:*:*:*:*:*:*
cisco nexus_5548up_firmware cpe:2.3:o:cisco:nexus_5548up_firmware:-:*:*:*:*:*:*:*
cisco nexus_5596t_firmware cpe:2.3:o:cisco:nexus_5596t_firmware:-:*:*:*:*:*:*:*
cisco nexus_5596up_firmware cpe:2.3:o:cisco:nexus_5596up_firmware:-:*:*:*:*:*:*:*
cisco nexus_5600_firmware cpe:2.3:o:cisco:nexus_5600_firmware:-:*:*:*:*:*:*:*
cisco nexus_56128p_firmware cpe:2.3:o:cisco:nexus_56128p_firmware:-:*:*:*:*:*:*:*
cisco nexus_5624q_firmware cpe:2.3:o:cisco:nexus_5624q_firmware:-:*:*:*:*:*:*:*
cisco nexus_5648q_firmware cpe:2.3:o:cisco:nexus_5648q_firmware:-:*:*:*:*:*:*:*
cisco nexus_5672up_firmware cpe:2.3:o:cisco:nexus_5672up_firmware:-:*:*:*:*:*:*:*
cisco nexus_5672up-16g_firmware cpe:2.3:o:cisco:nexus_5672up-16g_firmware:-:*:*:*:*:*:*:*
cisco nexus_5696q_firmware cpe:2.3:o:cisco:nexus_5696q_firmware:-:*:*:*:*:*:*:*
cisco nexus_6000_firmware cpe:2.3:o:cisco:nexus_6000_firmware:-:*:*:*:*:*:*:*
cisco nexus_6001_firmware cpe:2.3:o:cisco:nexus_6001_firmware:-:*:*:*:*:*:*:*
cisco nexus_6001p_firmware cpe:2.3:o:cisco:nexus_6001p_firmware:-:*:*:*:*:*:*:*
cisco nexus_6001t_firmware cpe:2.3:o:cisco:nexus_6001t_firmware:-:*:*:*:*:*:*:*
cisco nexus_6004_firmware cpe:2.3:o:cisco:nexus_6004_firmware:-:*:*:*:*:*:*:*
cisco nexus_6004x_firmware cpe:2.3:o:cisco:nexus_6004x_firmware:-:*:*:*:*:*:*:*
cisco nexus_7000_firmware cpe:2.3:o:cisco:nexus_7000_firmware:-:*:*:*:*:*:*:*
cisco nexus_7000_supervisor_1_firmware cpe:2.3:o:cisco:nexus_7000_supervisor_1_firmware:-:*:*:*:*:*:*:*
cisco nexus_7000_supervisor_2_firmware cpe:2.3:o:cisco:nexus_7000_supervisor_2_firmware:-:*:*:*:*:*:*:*
cisco nexus_7000_supervisor_2e_firmware cpe:2.3:o:cisco:nexus_7000_supervisor_2e_firmware:-:*:*:*:*:*:*:*
cisco nexus_7004_firmware cpe:2.3:o:cisco:nexus_7004_firmware:-:*:*:*:*:*:*:*

References for CVE-2022-20824

cvelogic Threat Intelligence