Unpatched Flaw Plagues Cisco Industrial Switches

Cisco informed customers on Monday that the IOS software running on some of the company’s industrial switches is plagued by a denial-of-service (DoS) vulnerability.

The flaw, assigned the identifier CVE-2016-1330 and a CVSS score of 6.1, affects Cisco Industrial Ethernet 2000 Series Switches running IOS Software 15.2(4)E.

The cause of the vulnerability is the way the system processes Cisco Discovery Protocol (CDP) packets. An unauthenticated attacker with access to the network can cause vulnerable devices to reload by sending them specially crafted CDP packets.

Cisco has yet to release a software update to patch the vulnerability and the company says there are no workarounds. The vendor’s product security incident response team (PSIRT) hasn’t found any evidence to suggest that the flaw has been exploited in the wild.

Another issue disclosed by Cisco on Monday is a cross-site scripting (XSS) vulnerability affecting Cisco Emergency Responder, a product designed to help emergency teams manage calls in their phone network and identify the location of 911 callers.

This medium-severity flaw (CVE-2016-1331) allows a remote, unauthenticated attacker to execute arbitrary code in the context of the vulnerable web interface and access potentially sensitive browser information. The security hole can be exploited by tricking the victim into clicking on a malicious link or by injecting malicious code into an intercepted connection.

This vulnerability, which affects Cisco Emergency Responder 11.5(0.99833.5), also remains unpatched with no workarounds available.

Earlier this month, Cisco released updates to patch critical and high impact flaws in several of its products, including Application Policy Infrastructure Controller (APIC), Nexus 9000 switches, Cisco Prime Security Manager (PRSM), and Adaptive Security Appliance (ASA) software.

Related: Cisco Launches Service to Address Shadow IT

Related: Cisco Patches Serious Flaws in Networking, Security Products