Improper input validation in Cisco Industrial Ethernet 2000 Series Switches - CVE-2017-12235
Published: September 27, 2017 / Updated: March 8, 2022
Vulnerability identifier: #VU8614
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:A/U:Green
CVE-ID: CVE-2017-12235
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
The vulnerability is being exploited in the wild
Vendor: Cisco Systems, Inc
Affected software:
Cisco Industrial Ethernet 2000 Series Switches
Cisco Industrial Ethernet 2000 Series Switches
Detailed vulnerability description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error in the implementation of the PROFINET Discovery and Configuration Protocol (PN-DCP) for Cisco IOS Software when processing ingress PN-DCP Identify Request packets destined to an affected device. An attacker could exploit this vulnerability by sending a crafted PN-DCP Identify Request packet to an affected device and then continuing to send normal PN-DCP Identify Request packets to the device.
A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
How to mitigate CVE-2017-12235
Update to version 15.2(6.3.0i)E or 15.2(5.2.6i)E.