Cisco IOS XR Software Crafted SNMP Packets Denial of Service Vulnerability

A vulnerability in the SNMP module of Cisco IOS XR Software could allow an authenticated, remote attacker to cause the SNMP process to restart.

The vulnerability is due to improper processing of crafted SNMP packets. An attacker could exploit this vulnerability by sending crafted SNMP packets to the affected device. An exploit could allow the attacker to cause the SNMP process to restart.

Cisco has confirmed the vulnerability in a security notice and software updates are available.

To exploit the vulnerability, an attacker would likely need access to a trusted, internal network to send crafted SNMP packets to the targeted system. In addition, an attacker must authenticate to the targeted device. These access requirements may reduce the likelihood of a successful attack.

Customers are advised to review the bug reports in the “Vendor Announcements” section for a current list of affected versions.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.