Security News > 2020 > September > Cisco Warns of Active Exploitation of Flaw in Carrier-Grade Routers

Cisco Warns of Active Exploitation of Flaw in Carrier-Grade Routers
2020-09-02 12:28

Cisco Systems says hackers are actively exploiting previously unpatched vulnerabilities in its carrier-grade routers that could allow adversaries to crash or severely disrupt devices.

The vulnerabilities exist in the Distance Vector Multicast Routing Protocol feature of Cisco IOS XR Software and could allow an unauthenticated, remote attacker to immediately crash the Internet Group Management Protocol process, the company warned in an advisory over the weekend.

The vulnerabilities affect "Any Cisco device that is running any release of Cisco IOS XR Software if an active interface is configured under multicast routing and it is receiving DVMRP traffic," the company said.

Companies using the affected routers can mitigate attacks depending on their needs and network configuration, according to Cisco.

If an attacker does successfully crash a router's IGMP process, operators do not need to manually restart the IGMP process because the system will perform that action, which will recover the consumed memory, according to Cisco.


News URL

https://threatpost.com/cisco-warns-of-active-exploitation-of-flaw-in-carrier-grade-routers/158887/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Cisco 2046 21 1773 1669 288 3751