Cisco warns customers about a high-severity zero-day vulnerability in data center routers and networking devices that could allow attackers to trigger memory exhaustion. Though no patch is available yet, the networking giant has issued steps to mitigate the threat posed by attackers.

Cisco recently discovered a memory exhaustion Denial of Service (DoS) vulnerability in its IOS XR Network OS, which is widely used in networking gear such as data center routers. The vulnerability impacts the Distance Vector Multicast Routing Protocol (DVMRP) feature of the network operating system (OS) and can allow attackers to remotely exhaust the process memory of an affected device without requiring any sort of authentication.

Cisco came to know about the high-severity zero-day vulnerability, CVE-2020-3566, on Saturday through an exploitation attempt that was discovered by Cisco’s Technical Assistance Center (TAC) team during a support case. In a statement, Cisco warned customers, “On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of these vulnerabilities in the wild.”

If successfully exploited, an attacker can exhaust the process memory by leveraging the insufficient queue management for Internet Group Management Protocol (IGMP) packets. “An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols.”

CVE-2020-3566 falls in the ‘high’ severity bracket with a CVSS score of 8.6. Affected routers include those from the NCS 540 & 560, NCS 5500, 8000, and ASR 9000 series. It can also affect any Cisco device that is running any release of Cisco IOS XR Software if an active interface is configured under multicast routing.

RP/0/RSP1/CPU0:Aug 28 03:46:10.375 UTC: raw_ip[399]: %PKT_INFRA-PQMON-6-QUEUE_DROP : Taildrop on XIPC queue 1 owned by igmp (jid=1175)

RP/0/RSP0/CPU0:Aug 28 03:46:10.380 UTC: raw_ip[399]: %PKT_INFRA-PQMON-6-QUEUE_DROP : Taildrop on XIPC queue 1 owned by igmp (jid=1175)
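
For defenders who collect router syslog, the following added example (not from Cisco or from the original article) scans for the queue-drop messages shown above and reports nodes where taildrops on an IGMP-owned queue cluster in a short window. Treating these messages as an alert signal, the 10-second window, the threshold of 2, the log year, and every sample line beyond the two quoted above are assumptions of this example.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample: first two lines are quoted from the article; the rest are made up.
SAMPLE_LOG = """\
RP/0/RSP1/CPU0:Aug 28 03:46:10.375 UTC: raw_ip[399]: %PKT_INFRA-PQMON-6-QUEUE_DROP : Taildrop on XIPC queue 1 owned by igmp (jid=1175)
RP/0/RSP0/CPU0:Aug 28 03:46:10.380 UTC: raw_ip[399]: %PKT_INFRA-PQMON-6-QUEUE_DROP : Taildrop on XIPC queue 1 owned by igmp (jid=1175)
RP/0/RSP0/CPU0:Aug 28 03:46:12.101 UTC: raw_ip[399]: %PKT_INFRA-PQMON-6-QUEUE_DROP : Taildrop on XIPC queue 1 owned by igmp (jid=1175)
RP/0/RSP0/CPU0:Aug 28 03:46:40.000 UTC: raw_ip[399]: %PKT_INFRA-PQMON-6-QUEUE_DROP : Taildrop on XIPC queue 2 owned by other_proc (jid=9999)
RP/0/RSP0/CPU0:Aug 28 03:50:00.000 UTC: example[1]: constructed line that is not a queue drop
"""

# Matches the message layout seen in the article's two log lines.
LINE_RE = re.compile(
    r"^(?P<node>[^:\s]+):(?P<ts>\w{3}\s+\d+ \d{2}:\d{2}:\d{2}\.\d{3}) \w+: .*?"
    r"%PKT_INFRA-PQMON-6-QUEUE_DROP : Taildrop on XIPC queue (?P<queue>\d+) "
    r"owned by (?P<owner>\S+) \(jid=(?P<jid>\d+)\)"
)

def igmp_taildrop_bursts(log_text, window=timedelta(seconds=10), threshold=2, year=2020):
    """Return {node: peak IGMP taildrop count within `window`} for nodes at or over `threshold`."""
    per_node = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["owner"] != "igmp":
            continue  # ignore unrelated lines and drops on queues owned by other processes
        # The log lines carry no year, so the caller supplies one (assumed value).
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S.%f")
        per_node[m["node"]].append(ts)

    alerts = {}
    for node, stamps in per_node.items():
        stamps.sort()
        start, best = 0, 0
        for end, ts in enumerate(stamps):  # sliding window over sorted timestamps
            while ts - stamps[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            alerts[node] = best
    return alerts

if __name__ == "__main__":
    for node, count in igmp_taildrop_bursts(SAMPLE_LOG).items():
        print(f"{node}: {count} IGMP queue taildrops within 10s")
```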

Cisco has not yet made a direct fix for CVE-2020-3566 available, though the company said in an advisory that it is developing software updates and will release them soon for cloud providers and telcos. Meanwhile, customers have also been given a few steps to mitigate the impact of the vulnerability.



World news - US - Cisco Warns Customers About Unpatched Zero-Day DoS Vulnerability in Devices - Toolbox
