Skip to main content

Hackers Are Attempting to Cripple Cisco Networking Kit via New 0Day

posted onSeptember 1, 2020
by l33tdawg
CBR Online
Credit: CBR Online

Hackers are actively trying to exploit several high-severity memory exhaustion weaknesses in Cisco software that runs carrier-class routers, the company has warned.

Multiple vulnerabilities have been detected in the distance vector multicast routing protocol (DVMRP) feature of Cisco IOS XR Software, which runs routers and other network devices. If it exploited they “could allow an unauthenticated, remote attacker to exhaust process memory of an affected device,” the company said.

Cisco’s security advisory adds that its team “became aware of attempted exploitation of these vulnerabilities in the wild” on August 28. The bugs have been allocated CVE-2020-3566 and CVE-2020-3569, with a base CVSS score of a “high” 8.6. Admins can determine whether multicast routing is enabled on a device by issuing the show igmp interface command. Guidance is here.

Source

Tags

Cisco Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th