Cisco on Wednesday announced patches for eight vulnerabilities in the IOS XR network operating system, including fixes for six high-severity bugs.
The most severe of the flaws is CVE-2024-20398 (CVSS score of 8.8), an insufficient validation of user arguments that IOS XR passes to specific CLI commands.
“An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the prompt. A successful exploit could allow the attacker to elevate privileges to root,” Cisco explains.
Next in line is CVE-2024-20304 (CVSS score of 8.6), a bug impacting the Mtrace2 feature of IOS XR that could be exploited remotely, without authentication, to cause a denial-of-service (DoS) condition.
“This vulnerability exists because the Mtrace2 code does not properly handle packet memory. An attacker could exploit this vulnerability by sending crafted packets to an affected device,” the tech company explains.
Cisco also warned that two high-severity flaws affecting the Routed Passive Optical Network (PON) controller software that runs as a docker container on devices running IOS XR could be exploited for command injection, allowing authenticated attackers to execute commands as root or retrieve MongoDB credentials.
The two bugs, tracked as CVE-2024-20483 and CVE-2024-20489, impact NCS 540, NCS 5500, and NCS 5700 routers, and will be resolved with future updates, Cisco says.
On Wednesday, the tech company announced fixes for two other high-severity DoS flaws in its network OS, including one affecting the handling of specific Ethernet frames and another impacting the segment routing feature for the IS-IS routing protocol.
Fixes were also announced for two medium-severity bugs in IOS XR that could allow attackers to read files from the underlying Linux operating system, or cause a DoS condition on XML TCP listen port 38751.
Cisco says it is not aware of any of these vulnerabilities being exploited in the wild. Additional information can be found in the company’s semiannual IOS XR software security advisory.
Related: Cisco Patches Critical Vulnerabilities in Smart Licensing Utility
Related: Cisco Systems Joins Microsoft, IBM in Vatican Pledge to Ensure Ethical Use and Development of AI
Related: Cisco Patches Code Execution Flaw in VPN Product 6 Months After Disclosure
Related: Cisco Adds Vulnerability Identification to Tetration Platform