Cisco Enterprise Routers Are Vulnerable to Disruptive Attacks


This week, Cisco released patches for ASR 9000, ASR 9902, and ASR 9903 series enterprise routers that address a high-severity denial-of-service (DoS) vulnerability in the IOS XR software.

The vulnerability, tracked as CVE-2023-20049 (CVSS score of 8.6), affects the platform’s bidirectional forwarding detection (BFD) hardware offload feature and can be exploited remotely and without authentication. Vulnerable devices with the BFD hardware offload feature enabled improperly handle malformed BFD packets, so an attacker can exploit the flaw by sending crafted IPv4 BFD packets to the configured IPv4 address.

The tech giant advises turning off the BFD hardware offload feature as a workaround. This can be done by deleting all hw-module bfd-hw-offload enable commands and resetting the line card.
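To find where the workaround applies, the following added example (not from Cisco or the original article) scans saved IOS XR running-configs for the hw-module bfd-hw-offload enable command and lists the affected line cards. The trailing "location" keyword form, the hostnames and the sample configs are assumptions constructed for illustration.

```python
import re

# Matches the command named in the workaround. The optional trailing
# "location <node>" form is an assumption about how it appears in a config.
OFFLOAD_RE = re.compile(
    r"^\s*hw-module\s+bfd-hw-offload\s+enable(?:\s+location\s+(\S+))?\s*$"
)

def offload_locations(config_text):
    """Return the line-card locations that have BFD hardware offload enabled."""
    found = []
    for line in config_text.splitlines():
        if line.lstrip().startswith("!"):   # comment or separator line
            continue
        m = OFFLOAD_RE.match(line)          # "no hw-module ..." does not match
        if m:
            found.append(m.group(1) or "<unspecified>")
    return found

def audit(configs):
    """Map hostname -> locations where the command must be removed."""
    return {host: locs for host, text in configs.items()
            if (locs := offload_locations(text))}

# Constructed sample configs (hostnames and locations are made up).
SAMPLE_CONFIGS = {
    "asr9k-edge-1": """\
hostname asr9k-edge-1
hw-module bfd-hw-offload enable location 0/0/CPU0
hw-module bfd-hw-offload enable location 0/1/CPU0
!
""",
    "asr9k-edge-2": """\
hostname asr9k-edge-2
! hw-module bfd-hw-offload enable location 0/0/CPU0
no hw-module bfd-hw-offload enable location 0/2/CPU0
""",
}

if __name__ == "__main__":
    for host, locs in audit(SAMPLE_CONFIGS).items():
        for loc in locs:
            print(f"{host}: remove offload command and reset line card {loc}")
```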
