This week, Cisco released its semiannual IOS and IOS XE software security advisory bundle, which addresses ten vulnerabilities, including six rated ‘high severity.’ Of the most important high-severity bugs, three security flaws can be exploited by remote, unauthenticated attackers to cause a denial-of-service (DoS) condition.
The first of these, CVE-2023-20080, impacts the IPv6 DHCP version 6 (DHCPv6) relay and server features of IOS and IOS XE software. An attacker could exploit this vulnerability by sending crafted DHCPv6 messages to an affected device and causing it to reload unexpectedly.
The second vulnerability, CVE-2023-20072, impacts the fragmentation handling code of tunnel protocol packets and can be exploited by sending crafted fragmented packets.
Cisco also addressed CVE-2023-20027, an issue in the implementation of the IPv4 Virtual Fragmentation Reassembly (VFR) feature of IOS and IOS XE software which exists because large packets are not properly reassembled when VFR is enabled. This vulnerability can be triggered by sending fragmented packets through a VFR-enabled interface.
Another high-severity DoS flaw was resolved in the HTTP-based client profiling feature of IOS XE software for Wireless LAN controllers (WLCs). Tracked as CVE-2023-20067, the issue can be exploited by an adjacent attacker, without authentication.
The sixth high-severity flaw that Cisco addressed this week is CVE-2023-20065, an insufficient restrictions issue in the IOx application hosting subsystem of IOS XE software, which could allow an authenticated attacker to escalate their privileges to those of root.
Cisco also released patches for medium-severity DoS, path traversal, and privilege escalation vulnerabilities. Three other high-severity flaws, including a secure boot issue in Catalyst 9300 series switches, a privilege escalation bug in DNA Center, and a DoS vulnerability in access point (AP) software, were also addressed.
In conclusion, Cisco this week released its semiannual IOS and IOS XE software security advisory bundle which addressed ten vulnerabilities, including six rated ‘high severity’. Three security flaws of the most importance can be exploited by remote, unauthenticated attackers to cause a denial of service condition. In addition, medium-severity DoS, path traversal, privilege escalation, and secure boot issues were addressed.
Key Points:
- Cisco released its semiannual IOS and IOS XE software security advisory bundle this week.
- The bundle addressed ten vulnerabilities, including six rated ‘high severity’.
- Three security flaws can be exploited by remote, unauthenticated attackers to cause a denial-of-service (DoS) condition.
- Medium-severity DoS, path traversal, privilege escalation, and secure boot issues were also addressed.