A serious vulnerability affecting the software of some of Cisco’s routing hardware systems for telecommunications and Internet service providers could be exploited to mount DoS attacks, the company has announced in a security advisory.
The good news is that there are no recorded instances of the vulnerability being exploited in the wild (the flaw was discovered during internal testing), and that the company has already pushed out a patch.
The flaw affects the Cisco IOS XR Software for Cisco Network Convergence System 6000 (NCS 6000) and Cisco Carrier Routing System (CRS-X) line cards.
“The vulnerability is due to improper processing of malformed IPv6 packets carrying extension headers. An attacker could exploit this vulnerability by sending a malformed IPv6 packet, carrying extension headers, through an affected Cisco IOS XR device line card. An exploit could allow the attacker to cause a reload of the line card on the affected Cisco IOS XR device,” the company noted in the advisory. “This vulnerability could be exploited repeatedly to cause an extended DoS condition.”
This flaw can only be triggered by the traffic transiting an affected device, not destined to it, so devices are vulnerable only if they are configured to process IPv6 traffic passing through the device.
There are no workarounds for addressing the vulnerability, so service providers would do well to implement the patch as soon as possible.