Cisco Warns of Serious Flaws in IOS Software

June 30, 2017

Cisco has warned users that devices running the company’s IOS or IOS XE software are affected by several high severity vulnerabilities that can be exploited for remote code execution and denial-of-service (DoS) attacks.

There are a total of nine flaws affecting the Simple Network Management Protocol (SNMP) component of IOS and IOS XE software. Patches have yet to be made available by Cisco, but the networking giant has shared some workarounds.

An authenticated attacker who knows the SNMP read-only community string of the targeted system could execute code or cause the device to reload by sending a specially crafted SNMP packet via IPv4 or IPv6.

Read More on Security Week