Cisco Issues Security Patch for Critical Network Controller Vulnerability
AI-generated from multiple sources. Verify before acting on this reporting.
SAN FRANCISCO — Cisco Systems released security updates on Tuesday to address a critical denial-of-service vulnerability affecting its Crosswork Network Controller and Network Services Orchestrator products. The flaw requires administrators to manually reboot targeted systems to restore functionality after an attack.
The vulnerability stems from inadequate rate limiting on incoming network connections, allowing attackers to overwhelm the affected systems. Cisco stated that the issue impacts global deployments of the software, which is used by enterprises to manage complex network infrastructures. The company assigned the flaw a high severity rating, noting that exploitation could lead to significant service disruption.
Cisco’s advisory, issued on May 6, 2026, details the technical specifics of the vulnerability. The flaw exists in the way the software handles incoming traffic, failing to properly throttle connection requests. This allows malicious actors to flood the system with traffic, causing it to become unresponsive. Unlike other vulnerabilities that might be mitigated through configuration changes or temporary patches, this specific flaw necessitates a physical or remote reboot of the affected servers to clear the backlog and restore normal operations.
The update is available for immediate download through Cisco’s software update portal. Network administrators are urged to apply the patch as soon as possible to secure their environments. Cisco recommended that organizations inventory their deployments of Crosswork Network Controller and Network Services Orchestrator to determine if they are running vulnerable versions. The company provided a list of affected software versions in its security advisory.
Industry analysts noted that the requirement for a manual reboot adds a layer of operational complexity to the incident response process. In large-scale deployments, coordinating reboots across multiple data centers could extend downtime. Security experts advised organizations to prioritize patching during maintenance windows to minimize business impact.
Cisco has not disclosed any confirmed instances of the vulnerability being exploited in the wild. However, the company emphasized that the potential for disruption warrants immediate action. The advisory includes instructions for mitigating the risk if immediate patching is not feasible, such as implementing network-level rate limiting or firewall rules to restrict access to the affected services.
The vulnerability highlights the ongoing challenges in securing network management software, which often sits at the core of enterprise IT infrastructure. As organizations increasingly rely on centralized controllers to manage their networks, the stakes for securing these systems continue to rise.
Cisco is expected to provide further guidance as the situation develops. The company has not announced plans for additional updates beyond the current patch, but it remains monitoring the situation for any new developments. Administrators are advised to stay vigilant and monitor Cisco’s security bulletins for any updates regarding this vulnerability.