Cisco IOS XE Software PPPoE Denial of Service Vulnerability

A vulnerability in the PPP over Ethernet (PPPoE) processing code of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of the affected device, which could lead to a denial of service (DoS) condition.

The vulnerability is due to improper processing of certain malformed PPPoE packets. An attacker could exploit this vulnerability by sending a malformed PPPoE packet to an IOS XE ASR1000 device configured with PPPoE termination. An exploit could allow the attacker to cause a reload of the affected device, which could lead to a DoS condition.

Cisco has confirmed the vulnerability in a security notice and released software updates.

To exploit this vulnerability, an attacker must have access to the same broadcast or collision domain as the targeted device to send malformed PPPoE packets to the device. This access requirement may reduce the likelihood of a successful exploit.

Cisco indicates through the CVSS score that functional exploit code exists; however, the code is not known to be publicly available.