Cisco Industrial Ethernet 4000 and Ethernet 5000 Series Switches ICMP IPv4 Packet Corruption Vulnerability

A vulnerability in the packet processing microcode of Cisco Industrial Ethernet 4000 Series Switches and Cisco Industrial Ethernet 5000 Series Switches could allow an unauthenticated, remote attacker to corrupt packets enqueued on the device for further processing.

The vulnerability is due to improper processing of some ICMP IPv4 packets. An attacker could exploit this vulnerability by sending ICMP IPv4 packets to an affected device. A successful exploit could allow an attacker to corrupt the packet enqueued immediately after the packet sent. This may impact control traffic to the device itself (Address Resolution Protocol (ARP) traffic) or traffic transiting the device.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.

This advisory is available at the following link: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160513-ies[“https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160513-ies”]