Cisco has announced a crucial security advisory concerning a significant vulnerability in its Crosswork Network Controller (CNC) and Network Services Orchestrator (NSO) platforms. This vulnerability, identified as CVE-2026-20188, carries a CVSS base score of 7.5, indicating its potential severity on network infrastructures.
Understanding the Vulnerability
The vulnerability allows unauthorized remote attackers to initiate Denial-of-Service (DoS) conditions on systems, posing a considerable threat. It is categorized as an uncontrolled resource consumption vulnerability (CWE-400), where affected systems lack effective rate-limiting controls for incoming network connections.
Attackers can exploit this flaw by overwhelming the server with numerous connection requests. Due to insufficient throttling, the system’s resources can be quickly depleted, rendering Cisco CNC and NSO unresponsive. This exhaustion scenario not only locks out legitimate users but also disrupts network services reliant on these systems.
Impact on Cisco Software Versions
The root of this vulnerability, detailed under Cisco Bug ID CSCwr08237, lies in the connection-handling procedures of the software. Organizations using these Cisco tools need to assess their risk immediately. The vulnerability affects Cisco Crosswork Network Controller version 7.1 and all prior versions, requiring an upgrade to version 7.2, which is unaffected.
For the Cisco Network Services Orchestrator, any system running version 6.3 or earlier is at high risk and should be updated promptly. While the issue also affects the 6.4 release, Cisco has addressed it starting with update 6.4.1.3. Systems operating on version 6.5 or newer remain secure without further action.
Response and Recommendations
This vulnerability was internally discovered by Cisco during a routine Technical Assistance Center support case. Although the Cisco Product Security Incident Response Team has not identified any active exploits or public proofs of concept, the lack of workarounds makes the risk significant.
Administrators cannot use configuration adjustments or network rules to effectively counteract resource exhaustion without impacting functionality. Therefore, upgrading to the latest software versions is the only recommended solution to safeguard affected networks.
Cisco strongly advises all impacted customers to schedule maintenance and implement the necessary updates without delay to prevent potential service disruptions. Prompt action is essential to maintain network security and functionality.
