Buffer overflow in Cisco IOS XE - CVE-2018-0167

Vulnerability identifier: #VU11351

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear

CVE-ID: CVE-2018-0167

CWE-ID: CWE-120

Exploitation vector: Adjecent network

Exploit availability: The vulnerability is being exploited in the wild

Vendor: Cisco Systems, Inc

Affected software:
Cisco IOS XE

The vulnerability allows an adjacent unauthenticated attacker to cause DoS condition or execute arbitrary code with elevated privileges on the target system.

The weakness exists in the LLDP subsystem due to improper error handling of malformed LLDP messages. An adjacent attacker can submit a specially crafted LLDP protocol data unit (PDU), trigger buffer overflow, cause the service to crash or execute arbitrary code with root privileges.

Successful exploitation of the vulnerability may result in system compromise.

Update to versions 5.2.21, 5.2.2, 5.2.1, 5.2.0.21i.FWDG, 5.2.0, 5.1.4, 5.1.3.12i.FWDG, 5.1.3, 16.5(1.315), 16.3(5.44), 15.7(3.1.14A)OT, 15.7(3.1.8A)OT, 15.7(3.1.4N)OT, 15.7(2.0r)M, 15.6(3)M3, 15.6(3)M2.2, 15.6(2.13)SP3, 15.6(2)SP4, 15.5(3)S6.15, 15.5(3)M6, 15.5(1.0.93)SY1, 15.5(1)SY1, 15.5(1)IC1.73, 15.5(1)IA1.511, 15.4(3)S9, 15.4(3)S8.7, 15.4(3)M9, 15.4(1.1.20)SY4, 15.4(1)SY4, 15.3(3)JPC7, 15.3(3)JG, 15.3(3)JF2, 15.3(3)JDA13, 15.3(3)JDA12, 15.3(3)JD13, 15.3(3)JD12, 15.2(6.5.1i)E1, 15.2(6.4.66i)E1, 15.2(6)E1, 15.2(6)E0c, 15.2(4.7.10)EA7, 15.2(2)E8, 15.2(1)SY6, 15.2(1)SY5.98, 15.1(2)SY11.60, 15.0(1.9.1)SQD8, 12.2(60)EZ13, 10.2(171.47), 8.8(1.58), 8.7(1.133), 8.6(101.0), 8.6(1.179), 8.5(110.0), 8.5(107.104), 8.3(140.0), 8.3(135.3), 8.3(134.90), 8.3(134.87), 8.3(134.81), 8.2(167.7), 8.2(167.6), 8.0(152.6) or 8.0(152.5).

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp