Out-of-bounds read in Cisco IOS XR and Cisco ASR 9000 Series Aggregation Services Routers

#VU62348 Out-of-bounds read in Cisco IOS XR and Cisco ASR 9000 Series Aggregation Services Routers

Published: 2022-04-15

Vulnerability identifier: #VU62348

Vulnerability risk: High

CVSSv3.1: 7.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-20714

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Cisco IOS XR
Operating systems & Components / Operating system
Cisco ASR 9000 Series Aggregation Services Routers
Hardware solutions / Routers & switches, VoIP, GSM, etc

Vendor: Cisco Systems, Inc

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in the data plane microcode of Lightspeed-Plus line cards. A remote attacker can send a specially crafted packet, trigger out-of-bounds read error and cause a denial of service condition on the system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Cisco IOS XR: 7.1 - 7.3

Cisco ASR 9000 Series Aggregation Services Routers: All versions

External links
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-lsplus-Z6AQEOjk

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in Cisco IOS XR Software for ASR 9000 Series Routers