**Cisco** has released security updates to fix a Crosswork Network Controller (**CNC**) and Network Services Orchestrator (**NSO**) denial-of-service (DoS) vulnerability that requires manually rebooting targeted systems for recovery. Large enterprises and service providers leverage the **CNC** software suite to simplify multivendor network management and operations handling with automation, while the **NSO** orchestration platform helps them manage network devices and resources. ### Vulnerability Details: CVE-2026-20188 Tracked as **CVE-2026-20188**, this high-severity security flaw stems from inadequate rate limiting on incoming network connections. It can be exploited remotely by unauthenticated threat actors to crash unpatched **Cisco CNC** and **Cisco NSO** systems through low-complexity attacks. "A successful exploit could allow the attacker to exhaust available connection resources, causing **Cisco CNC** and **Cisco NSO** to become unresponsive and resulting in a DoS condition for legitimate users and dependent services. A manual reboot of the system is required to recover from this condition," **Cisco** explained in a Wednesday advisory. "To fully remediate this vulnerability and avoid future exposure as described in this advisory, **Cisco** strongly recommends that customers upgrade to the fixed software indicated in this advisory." ### No Known Exploitation (Yet) While **CVE-2026-20188** can be abused to permanently crash targeted systems until manual intervention, **Cisco's** Product Security Incident Response Team (PSIRT) is not aware of ongoing exploitation. ### Affected Versions and Fixes Here's a breakdown of affected versions and the corresponding fixed releases: | Cisco CNC Release | First Fixed Release | |---|---| | 7.1 and earlier | Migrate to a fixed release. | | 7.2 | Not vulnerable. | | Cisco NSO Release | First Fixed Release | |---|---| | 6.3 and earlier | Migrate to a fixed release. | | 6.4 | 6.4.1.3 | | 6.5 | Not vulnerable. | ### History of DoS Vulnerabilities in Cisco Products **CVE-2026-20188** has not been exploited in the wild yet, but **Cisco** has previously patched other DoS vulnerabilities that were exploited in attacks. For instance, in November 2025, it warned that two security flaws (**CVE-2025-20362** and **CVE-2025-20333**) previously exploited in zero-day attacks were now being used to force ASA and FTD firewalls into reboot loops. In September, when **Cisco** patched the two vulnerabilities, **CISA** issued an emergency directive ordering federal agencies to secure their **Cisco** firewalls against attacks using this exploit chain within 24 hours. **Cisco** also addressed vulnerabilities (**CVE-2022-20653** and **CVE-2024-20401**) that could allow attackers to permanently crash Secure Email appliances using maliciously crafted email messages. The company advised customers at the time to contact its Technical Assistance Center (TAC) to have them brought back online, as this required manual intervention. Last year, **Cisco** patched another DoS vulnerability (**CVE-2025-20115**) that allowed attackers to crash the Border Gateway Protocol (BGP) process on IOS XR routers with a single BGP update message.