PatchSiren cyber security CVE debrief
CVE-2004-1464 Cisco CVE debrief
CVE-2004-1464 is a Cisco IOS denial-of-service vulnerability that appears in CISA’s Known Exploited Vulnerabilities catalog. That KEV listing means defenders should treat it as a real-world risk, even though the supplied record set does not include deeper technical detail or a CVSS score. The safest response is to follow Cisco’s update guidance, verify whether any IOS systems are exposed, and prioritize remediation based on operational criticality.
- Vendor
- Cisco
- Product
- IOS
- CVSS
- Unknown
- CISA KEV
- Listed
- Original CVE published
- 2023-05-19
- Original CVE updated
- 2023-05-19
- Advisory published
- 2023-05-19
- Advisory updated
- 2023-05-19
Who should care
Cisco IOS administrators, network engineering teams, vulnerability management owners, SOC analysts, and incident response teams should care, especially if IOS devices are internet-reachable or support business-critical routing and switching.
Technical summary
The supplied sources identify the issue only at a high level: a Cisco IOS denial-of-service vulnerability. CISA’s KEV entry indicates it is a known exploited vulnerability and directs organizations to apply updates per vendor instructions. The corpus provided here does not include the original Cisco advisory text, affected versions, attack preconditions, or a CVSS score, so those details should be verified in the vendor and NVD records before making implementation decisions.
Defensive priority
High priority. KEV inclusion is a strong signal to expedite patching or other vendor-recommended mitigation, especially for exposed or mission-critical IOS devices.
Recommended defensive actions
- Review Cisco’s vendor guidance for the IOS advisory referenced in the CISA KEV notes and apply the recommended updates.
- Inventory all Cisco IOS assets and identify which systems are reachable from untrusted networks.
- Prioritize remediation for externally exposed, customer-facing, or business-critical network devices.
- Confirm whether any compensating controls are in place until updates can be deployed.
- Monitor logs and alerts for instability, unexpected reboots, or denial-of-service indicators on IOS devices.
- Track remediation status in vulnerability management workflows and validate closure after update deployment.
Evidence notes
Evidence is limited to the supplied official records: the CVE entry, NVD detail page, and CISA KEV catalog. CISA’s source metadata names Cisco IOS as the affected product, labels the vulnerability as a denial-of-service issue, and marks it as a known exploited vulnerability with the instruction to apply updates per vendor instructions. No additional technical claims are made here beyond those records.
Official resources
-
CVE-2004-1464 CVE record
CVE.org
-
CVE-2004-1464 NVD detail
NVD
-
CISA Known Exploited Vulnerabilities catalog
CISA - Apply updates per vendor instructions.
-
Source item URL
cisa_kev
This debrief is based only on the supplied official records. The provided timeline shows the CVE and KEV metadata published/modified on 2023-05-19 in the corpus, but that date should not be treated as the original vulnerability creation or