1 September 2020

Cisco warns of two zero-day flaws in its enterprise-grade routers


The network equipment maker Cisco Systems has released a security advisory warning of two zero-day vulnerabilities that attackers are actively trying to exploit in Cisco IOS XR software, the OS running on Cisco enterprise-grade routers.

The flaws, CVE-2020-3566 and CVE-2020-3569, reside in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR. By exploiting them, an unauthenticated, remote attacker can exhaust the process memory of an affected device.

“These vulnerabilities are due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols,” the manufacturer explains.

Cisco says the flaws affect any device running any release of Cisco IOS XR Software if an active interface is configured under multicast routing.

Cisco has yet to release software updates to address CVE-2020-3566 and CVE-2020-3569. Meanwhile, the company has provided mitigations, which include implementing a rate limiter for IGMP traffic and adding an access control entry (ACE) to an existing interface access control list (ACL).

“Alternatively, the customer can create a new ACL for a specific interface that denies DVMRP traffic inbound on that interface,” the company added.
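
An added example, not taken from Cisco's advisory: DVMRP messages travel as IGMP (IP protocol 2) with message type 0x13, so captured inbound traffic can be checked for the packets a DVMRP-denying ACL would drop and for the sources sending them. The function names and the sample packets are constructed for illustration.

```python
import socket
import struct
from collections import Counter

IPPROTO_IGMP = 2
# First byte of the IGMP header is the message type; 0x13 is DVMRP.
IGMP_TYPES = {0x11: "membership-query", 0x12: "v1-report", 0x13: "dvmrp",
              0x16: "v2-report", 0x17: "leave-group", 0x22: "v3-report"}

def classify(packet: bytes):
    """Return (source_ip, igmp_type_name) for an IPv4 IGMP packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4  # varies: IGMP often carries the Router Alert option
    if ihl < 20 or packet[9] != IPPROTO_IGMP or len(packet) <= ihl:
        return None
    msg_type = packet[ihl]
    return socket.inet_ntoa(packet[12:16]), IGMP_TYPES.get(msg_type, f"unknown-0x{msg_type:02x}")

def acl_verdict(packet: bytes) -> str:
    """Model of an inbound ACE that denies DVMRP and permits everything else."""
    result = classify(packet)
    return "deny" if result and result[1] == "dvmrp" else "permit"

def dvmrp_sources(packets) -> Counter:
    """Count DVMRP packets per source address, for alerting or rate review."""
    hits = Counter()
    for pkt in packets:
        result = classify(pkt)
        if result and result[1] == "dvmrp":
            hits[result[0]] += 1
    return hits

def build_ipv4(src, dst, proto, payload, options=b""):
    """Build a constructed sample packet (checksum left at zero; parsing ignores it)."""
    ihl_words = 5 + len(options) // 4
    header = struct.pack("!BBHHHBBH4s4s", (4 << 4) | ihl_words, 0xC0,
                         ihl_words * 4 + len(payload), 0, 0, 1, proto, 0,
                         socket.inet_aton(src), socket.inet_aton(dst))
    return header + options + payload

ROUTER_ALERT = bytes([0x94, 0x04, 0x00, 0x00])
# Constructed samples using documentation address ranges.
SAMPLES = [
    build_ipv4("192.0.2.10", "224.0.0.1", 2, bytes([0x11, 0x64, 0, 0, 0, 0, 0, 0]), ROUTER_ALERT),
    build_ipv4("198.51.100.5", "224.0.0.4", 2, bytes([0x13, 0x01, 0, 0, 0, 0, 0, 0])),
    build_ipv4("198.51.100.5", "224.0.0.4", 2, bytes([0x13, 0x01, 0, 0, 0, 0, 0, 0]), ROUTER_ALERT),
    build_ipv4("192.0.2.20", "192.0.2.1", 17, b"\x00" * 8),  # UDP, not IGMP
]
```

Reading the type byte at the offset given by the IP header length matters here: a fixed offset of 20 would misread any packet that carries IP options.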
