Cisco is warning customers about a high-severity zero-day vulnerability in data center routers and networking devices that could allow attackers to trigger memory exhaustion. Although no patch is available yet, the networking giant has issued steps to mitigate the threat.
Cisco recently discovered a memory exhaustion denial-of-service (DoS) vulnerability in its IOS XR network operating system (OS), which is widely used in networking gear such as data center routers. The vulnerability affects the Distance Vector Multicast Routing Protocol (DVMRP) feature of the OS and can allow attackers to remotely exhaust the process memory of an affected device without any authentication.
Cisco learned of the high-severity zero-day vulnerability, CVE-2020-3566, on Saturday through an exploitation attempt that Cisco’s Technical Assistance Center (TAC) team discovered during a support case. In a statement, Cisco warned customers, “On August 28, 2020, the Cisco Product Security Incident Response Team (PSIRT) became aware of attempted exploitation of these vulnerabilities in the wild.”
If successfully exploited, the flaw lets an attacker exhaust process memory by leveraging insufficient queue management for Internet Group Management Protocol (IGMP) packets. According to Cisco, “An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols.”
CVE-2020-3566 falls in the ‘high’ severity bracket with a CVSS score of 8.6. Affected routers include the NCS 540 and 560, NCS 5500, 8000, and ASR 9000 series. The vulnerability can also affect any Cisco device that is running any release of Cisco IOS XR Software if an active interface is configured under multicast routing.
RP/0/RSP1/CPU0:Aug 28 03:46:10.375 UTC: raw_ip: %PKT_INFRA-PQMON-6-QUEUE_DROP : Taildrop on XIPC queue 1 owned by igmp (jid=1175)
RP/0/RSP0/CPU0:Aug 28 03:46:10.380 UTC: raw_ip: %PKT_INFRA-PQMON-6-QUEUE_DROP : Taildrop on XIPC queue 1 owned by igmp (jid=1175)
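Queue-drop messages of the kind shown above can be watched for in collected syslog. The following is an added example, not code from Cisco or from the original article: it parses PQMON taildrop lines and flags route processors whose igmp-owned queue drops repeatedly in a short span. The threshold, window, year default, function names and all sample lines other than the two from the article are assumptions made for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# IOS XR PQMON taildrop message, in the layout of the two lines in the article.
LINE_RE = re.compile(
    r"^(?P<node>[^:\s]+):(?P<ts>[A-Z][a-z]{2} +\d{1,2} \d\d:\d\d:\d\d\.\d{3}) UTC: \S+: "
    r"%PKT_INFRA-PQMON-6-QUEUE_DROP : Taildrop on XIPC queue \d+ "
    r"owned by (?P<owner>\S+) \(jid=(?P<jid>\d+)\)"
)

def parse_taildrops(lines, year=2020):
    """Yield (node, timestamp, owner, jid); the log carries no year, so one is assumed."""
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S.%f")
            yield m["node"], ts, m["owner"], int(m["jid"])

def igmp_taildrop_alerts(lines, threshold=3, window=timedelta(seconds=60)):
    """Return {node: peak count} where igmp taildrops reach `threshold` within `window`."""
    per_node = defaultdict(list)
    for node, ts, owner, _jid in parse_taildrops(lines):
        if owner == "igmp":  # drops on queues owned by other processes are ignored
            per_node[node].append(ts)
    alerts = {}
    for node, stamps in per_node.items():
        stamps.sort()
        start = peak = 0
        for end, ts in enumerate(stamps):  # sliding window over sorted timestamps
            while ts - stamps[start] > window:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= threshold:
            alerts[node] = peak
    return alerts

_FMT = ("RP/0/{rsp}/CPU0:Aug 28 {t} UTC: raw_ip: %PKT_INFRA-PQMON-6-QUEUE_DROP : "
        "Taildrop on XIPC queue 1 owned by {owner} (jid={jid})")
SAMPLE = [
    _FMT.format(rsp="RSP1", t="03:46:10.375", owner="igmp", jid=1175),  # from the article
    _FMT.format(rsp="RSP0", t="03:46:10.380", owner="igmp", jid=1175),  # from the article
    _FMT.format(rsp="RSP0", t="03:46:11.102", owner="igmp", jid=1175),  # constructed
    _FMT.format(rsp="RSP0", t="03:46:12.540", owner="igmp", jid=1175),  # constructed
    _FMT.format(rsp="RSP1", t="03:50:30.000", owner="igmp", jid=1175),  # constructed
    _FMT.format(rsp="RSP0", t="03:46:13.000", owner="otherproc", jid=999),  # constructed
]

if __name__ == "__main__":
    print(igmp_taildrop_alerts(SAMPLE))
```
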
Cisco has not yet released a direct fix for CVE-2020-3566, though the company said in an advisory that it is developing software updates and will release them soon for cloud providers and telcos. In the meantime, customers have been given a few steps to mitigate the impact of the vulnerability.
World news - US - Cisco Warns Customers About Unpatched Zero-Day DoS Vulnerability in Devices - Toolbox