Cisco informed customers on Wednesday that it has patched command injection and denial-of-service (DoS) vulnerabilities in some of its Nexus switches.
One of the vulnerabilities, tracked as CVE-2025-20111, has been described as a high-severity issue related to the incorrect handling of some Ethernet frames. The issue impacts the health monitoring diagnostics component of Nexus 3000 and 9000 series switches — in the case of 9000 series products, they are affected only in standalone NX-OS mode.
https://www.securityweek.com/cisco-patc ... -switches/