Cisco turns out 25 high-threat security patches for IOS, IOS XE – Channel Asia Singapore

Credit: Dreamstime

If you are a security admin with lots of systems running Cisco IOS and IOS XE software today is decidedly not your day.

Cisco has posted 25 “high” rated security advisories that stem from 34 vulnerabilities the company suggests should be fixed as soon as possible. The vulnerabilities impact a wide-range of Cisco gear as IOS and IOS XE are the company’s most widely used operating systems. The warnings affect firewalls, wireless access points and switches.

For example, one of the highest rated threats–with an 8.6 out of 10 threat level, are multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software that could let an remote attacker to cause the device to reload or stop forwarding traffic through the firewall, resulting in a denial of service (DoS).

Cisco stated that the vulnerabilities are due to incomplete handling of Layer 4 packets through the device. An attacker could exploit these vulnerabilities by sending a certain sequence of traffic patterns through the device.

Another 8.6-rated vulnerability involves the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could let an unauthenticated, remote attacker cause an affected device to reload, resulting in a DoS condition.

“The vulnerability occurs because the regular expression (regex) engine that is used with the Split DNS feature of affected releases may time out when it processes the DNS name list configuration. An attacker could exploit this vulnerability by trying to resolve an address or hostname that the affected device handles,” Cisco stated.

Still another 8.6-rated security threat involves a vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers. The vulnerability is due to insufficient error handling when DHCP version 4 (DHCPv4) messages are parsed.


READ  Tech Dominates FlexJob's Top 50 Companies Hiring For Remote Jobs - Forbes


Please enter your comment!
Please enter your name here