Security News > 2020 > September > Cisco Says Hackers Targeting Zero-Days in Carrier-Grade Routers
Cisco has warned that hackers are targeting not one, but two unpatched vulnerabilities in the DVMRP feature of IOS XR software that runs on many carrier-grade routers.
Over the weekend, the company published an advisory to warn of active attacks targeting a security flaw in the Distance Vector Multicast Routing Protocol feature of IOS XR to cause memory exhaustion denial of service.
According to the company, all Cisco devices that are running any release of IOS XR software are affected, provided that an active interface is configured under multicast routing.
Impacted devices include: ASR 9000, NCS 5500, 8000, as well as NCS 540 & 560 series routers.
No workarounds to address the two issues have been detailed yet, but Cisco has published indicators of compromise to help administrators determine whether attackers are exploiting the vulnerabilities in their devices.
News URL
Related news
- Chinese hackers exploit Fortinet VPN zero-day to steal credentials (source)
- RomCom hackers chained Firefox and Windows zero-days to deliver backdoor (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- Chinese hackers breached T-Mobile's routers to scope out network (source)
- Japan warns of IO-Data zero-day router flaws exploited in attacks (source)
- U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls (source)
- Hackers exploit Four-Faith router flaw to open reverse shells (source)
- New Mirai botnet targets industrial routers with zero-day exploits (source)
- Google: Chinese hackers likely behind Ivanti VPN zero-day attacks (source)