Two vulnerabilities in Cisco IOS XR
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2017-6719 CVE-2017-6718 |
| CWE-ID | CWE-77 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Cisco IOS XR Operating systems & Components / Operating system |
| Vendor | Cisco Systems, Inc |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Command injection
EUVDB-ID: #VU7177
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6719
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated attacker to execute arbitrary commands on the host operating system.
The vulnerability exists in the CLI of Cisco IOS XR Software due to insufficient input validation. A local attacker can send a specially crafted input to a command in a specific group and execute arbitrary commands with root privileges.
Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.
MitigationInstall update from vendor's website.
Cisco IOS XR: 6.2.1
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ios
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Privilege escalation
EUVDB-ID: #VU7178
Risk: Low
CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6718
CWE-ID:
CWE-77 - Command injection
Exploit availability: No
DescriptionThe vulnerability allows a local authenticated attacker to gain elevated privileges on the target system.
The vulnerability exists in the CLI of Cisco IOS XR Software due to incorrect permission settings on binary files. A local attacker can send specially crafted commands to the affected device, overwrite binaries on the filesystem and gain root privileges.
Successful exploitation of the vulnerability results in privileges escalation.
Mitigation
Install update from vendor's website.
Cisco IOS XR: 6.2.1
External linkshttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170621-ios1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
