Cisco IOS XR Network OS, an operating system the company deploys to its carrier-grade routers, has two high severity vulnerabilities that are currently being actively exploited in the wild.

The IOS XR is used on multiple router platforms, such as NCS 540 & 560, NCS 5500, 8000, and ASR 9000 series routers. The two vulnerabilities in question – tracked under CVE-2020-3566 and CVE-2020-3569 – are DVMRP Memory Exhaustion Denial of Service (DoS) flaws and could render the devices unstable.

“On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of these vulnerabilities in the wild,” Cisco said in an advisory.

“An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes.

A patch is not yet available, but Cisco has detailed a set of workarounds that could help to eliminate potential threats.

IT teams could implement rate-limiting to reduce IGMP traffic rates, which would increase the time needed to successfully exploit the two flaws.

Users could also “implement an access control entry (ACE) to an existing interface access control list (ACL)” or a new ACL to deny inbound DVRMP traffic to interfaces with multicast routing enabled.

Sign up below to get the latest from ITProPortal, plus exclusive special offers, direct to your inbox!

Thank you for signing up to IT Pro Portal. You will receive a verification email shortly.

ITProPortal is part of Future plc, an international media group and leading digital publisher. Visit our corporate site.

Future Publishing Limited Quay House, The Ambury,
BA1 1UA. All rights reserved. England and Wales company registration number 2008885.


World news – US – Cisco discloses DoS vulnerabilities in carrier-grade routers

En s’appuyant sur ses expertises dans les domaines du digital, des technologies et des process , CSS Engineering vous accompagne dans vos chantiers de transformation les plus ambitieux et vous aide à faire émerger de nouvelles idées, de nouvelles offres, de nouveaux modes de collaboration, de nouvelles manières de produire et de vendre.

CSS Engineering s’implique dans les projets de chaque client comme si c’était les siens. Nous croyons qu’une société de conseil devrait être plus que d’un conseiller. Nous nous mettons à la place de nos clients, pour aligner nos incitations à leurs objectifs, et collaborer pour débloquer le plein potentiel de leur entreprise. Cela établit des relations profondes et agréables.

Nos services:

  1. Création des sites web professionnels
  2. Hébergement web haute performance et illimité
  3. Vente et installation des caméras de vidéo surveillance
  4. Vente et installation des système de sécurité et d’alarme
  5. E-Marketing

Toutes nos réalisations ici


Please enter your comment!
Please enter your name here