Security Experts:

Cisco Patches Serious DoS Flaws in IOS

Cisco has released updates for its IOS and IOS XE software to address a couple of high severity flaws that can be exploited to cause a denial-of-service (DoS) condition on vulnerable devices.

The security holes were disclosed on Monday by Omar Eissa, a researcher at Germany-based security firm ERNW, at the TROOPERS conference in a talk focusing on Cisco’s Autonomic Networking Infrastructure (ANI). The ANI vulnerabilities found by Eissa allow unauthenticated attackers to cause affected devices to reload.

One of the flaws, identified as CVE-2017-3850, can be exploited by a remote attacker simply by knowing the targeted Cisco device’s IPv6 address. The weakness can be exploited by sending a specially crafted IPv6 packet to an appliance, but the attack only works if the device runs a version of IOS that supports ANI and its IPv6 interface is reachable.

The second vulnerability, CVE-2017-3849, can be exploited if the targeted device is running an IOS release that supports ANI, it’s configured as an autonomic registrar, and it has a whitelist configured.

If these conditions are met, an adjacent attacker can cause a DoS condition by sending the appliance a specially crafted autonomic network channel discovery packet.

Cisco has published indicators of compromise (IoC) and the company’s IOS Software Checker can be used by customers to determine if their IOS and IOS XE software is vulnerable to such attacks. The networking giant has found no evidence of exploitation in the wild.

These are not the only serious IOS vulnerabilities disclosed recently by Cisco. Last week, the company informed customers that an analysis of the Vault 7 files made public this month by WikiLeaks revealed the existence of a critical remote code execution flaw affecting more than 300 of the company’s switches and modules.

In the Vault 7 files, which allegedly describe the CIA’s hacking capabilities, Cisco also identified a piece of malware that can hijack its devices and abuse them for various purposes, including data theft and manipulating web traffic.

Related: Cisco Starts Patching Critical WebEx Flaw

Related: Critical Cisco Prime Home Flaw Allows Authentication Bypass

Related: Actively Exploited Struts Flaw Affects Cisco Products

view counter
Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.