Connect with us

Hi, what are you looking for?


Network Security

Cisco Patches Serious DoS Flaws in IOS Software

Updates released by Cisco on Wednesday for its IOS and IOS XE networking software patch several denial-of-service (DoS) vulnerabilities identified by the vendor’s own employees and external researchers.

Updates released by Cisco on Wednesday for its IOS and IOS XE networking software patch several denial-of-service (DoS) vulnerabilities identified by the vendor’s own employees and external researchers.

Cisco has published a total of six advisories detailing the flaws, all of which have been rated as having high severity.

According to the vendor, one of the vulnerabilities is related to the improper handling of malformed Session Initiation Protocol (SIP) messages in Cisco IOS, IOS XE and Unified Communications Manager (UCM) software. A remote, unauthenticated attacker can exploit the security hole, tracked as CVE-2016-1350, to cause a memory leak, which eventually leads to the affected device reloading.

Another DoS vulnerability affects the DHCP version 6 (DHCPv6) relay feature of Cisco IOS and IOS XE. An unauthenticated attacker can exploit this bug, identified as CVE-2016-1348, to remotely cause an affected device to reload by sending it specially crafted DHCPv6 relay messages.

IOS and IOS XE software is also plagued by a DoS vulnerability (CVE-2016-1349) that affects its Smart Install client feature. An attacker can remotely cause a device to enter a DoS condition by sending malicious Smart Install packets to TCP port 4786.

A remote attacker can cause Cisco Catalyst 6500 and 6800 series switches running IOS, and Cisco Nexus 7000 and 7700 series switches running NX-OS to reload by exploiting a vulnerability (CVE-2016-1351) in the Locator/ID Separation Protocol (LISP).

A security weakness has also been identified in the Wide Area Application Services (WAAS) Express feature of IOS. A specially crafted TCP segment routed through an affected device causes it to enter a DoS condition, Cisco said in its advisory. This vulnerability, tracked as CVE-2016-1347, can be exploited remotely by an unauthenticated hacker.

Advertisement. Scroll to continue reading.

The last advisory from Cisco describes a DoS flaw in the Internet Key Exchange (IKE) version 2 fragmentation code of IOS and IOS XE. The vulnerability (CVE-2016-1344) can be exploited by sending a specially crafted UDP packet to the affected system.

Cisco says it’s not aware of any instances where these vulnerabilities have been exploited for malicious purposes.

The six security advisories published on Wednesday are part of the company’s semiannual Cisco IOS and IOS XE Software Security Advisory Bundled Publication. Another bundle of IOS advisories will be released in the fourth Wednesday of September.

Related: Cisco Security Products Plagued by Critical Flaw

Related: Unpatched Flaw Plagues Cisco Industrial Switches

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content

Identity & Access

Zero trust is not a replacement for identity and access management (IAM), but is the extension of IAM principles from people to everyone and...

Cybersecurity Funding

Network security provider Corsa Security last week announced that it has raised $10 million from Roadmap Capital. To date, the company has raised $50...

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Network Security

Our networks have become atomized which, for starters, means they’re highly dispersed. Not just in terms of the infrastructure – legacy, on-premises, hybrid, multi-cloud,...