Security News > 2020 > September > Cisco Says Hackers Targeting Zero-Days in Carrier-Grade Routers
Cisco has warned that hackers are targeting not one, but two unpatched vulnerabilities in the DVMRP feature of IOS XR software that runs on many carrier-grade routers.
Over the weekend, the company published an advisory to warn of active attacks targeting a security flaw in the Distance Vector Multicast Routing Protocol feature of IOS XR to cause memory exhaustion denial of service.
According to the company, all Cisco devices that are running any release of IOS XR software are affected, provided that an active interface is configured under multicast routing.
Impacted devices include: ASR 9000, NCS 5500, 8000, as well as NCS 540 & 560 series routers.
No workarounds to address the two issues have been detailed yet, but Cisco has published indicators of compromise to help administrators determine whether attackers are exploiting the vulnerabilities in their devices.
News URL
Related news
- Hackers Exploit Zero-Day in cnPilot Routers to Deploy AIRASHI DDoS Botnet (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- New Mirai botnet targets industrial routers with zero-day exploits (source)
- Hackers exploit 16 zero-days on first day of Pwn2Own Automotive 2025 (source)
- Hackers get $886,250 for 49 zero-days at Pwn2Own Automotive 2025 (source)
- XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web Shells (source)