#VU11351 Buffer overflow in Cisco IOS XE - CVE-2018-0167

Vulnerability identifier: #VU11351

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear

CVE-ID: CVE-2018-0167

CWE-ID: CWE-120

Exploitation vector: Adjecent network

Exploit availability: The vulnerability is being exploited in the wild

Vulnerable software:
Cisco IOS XE

Software vendor:
Cisco Systems, Inc

The vulnerability allows an adjacent unauthenticated attacker to cause DoS condition or execute arbitrary code with elevated privileges on the target system.

The weakness exists in the LLDP subsystem due to improper error handling of malformed LLDP messages. An adjacent attacker can submit a specially crafted LLDP protocol data unit (PDU), trigger buffer overflow, cause the service to crash or execute arbitrary code with root privileges.

Successful exploitation of the vulnerability may result in system compromise.

Update to versions 5.2.21, 5.2.2, 5.2.1, 5.2.0.21i.FWDG, 5.2.0, 5.1.4, 5.1.3.12i.FWDG, 5.1.3, 16.5(1.315), 16.3(5.44), 15.7(3.1.14A)OT, 15.7(3.1.8A)OT, 15.7(3.1.4N)OT, 15.7(2.0r)M, 15.6(3)M3, 15.6(3)M2.2, 15.6(2.13)SP3, 15.6(2)SP4, 15.5(3)S6.15, 15.5(3)M6, 15.5(1.0.93)SY1, 15.5(1)SY1, 15.5(1)IC1.73, 15.5(1)IA1.511, 15.4(3)S9, 15.4(3)S8.7, 15.4(3)M9, 15.4(1.1.20)SY4, 15.4(1)SY4, 15.3(3)JPC7, 15.3(3)JG, 15.3(3)JF2, 15.3(3)JDA13, 15.3(3)JDA12, 15.3(3)JD13, 15.3(3)JD12, 15.2(6.5.1i)E1, 15.2(6.4.66i)E1, 15.2(6)E1, 15.2(6)E0c, 15.2(4.7.10)EA7, 15.2(2)E8, 15.2(1)SY6, 15.2(1)SY5.98, 15.1(2)SY11.60, 15.0(1.9.1)SQD8, 12.2(60)EZ13, 10.2(171.47), 8.8(1.58), 8.7(1.133), 8.6(101.0), 8.6(1.179), 8.5(110.0), 8.5(107.104), 8.3(140.0), 8.3(135.3), 8.3(134.90), 8.3(134.87), 8.3(134.81), 8.2(167.7), 8.2(167.6), 8.0(152.6) or 8.0(152.5).

• https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-lldp